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Course outline 


E-COMMERCE 


Lesson 01 


E-Commerce and its types, Internet and WWW Basics, Internet standards and protocols, IP addressing, 
Data communication on internet, Domain name system 

Networking devices - Bridges, Switches, Routers etc., Role of ISP’s on Internet, Getting Domain name 
and IP addresses, Understanding electronic mail 
^ Markup languages and the Web, Web designing using HTML, CSS and Java Scripting 

Client side & server side processing, Cookies, Maintaining state in a stateless environment, two tier/n- 
tier architecture 

Security issues on the internet, Firewalls, Proxy Server, Virtual Private Network 
4^- Cryptography and Public key infrastructure (PKI), Certification Authorities and Digital Certificates, 
Digital signatures Technology 

4S^“ Electronic Payment Systems — Virtual Pin payment system, Centralized account system, Electronic 
Check, E-Cash, SSL and SET based payment systems 
4SP" E-business— advantages/disadvantages, Paper and electronic catalogues 
Electronic Data Interchange (EDI) 

4BP" E-business models 
Internet marketing 

■flP- Data mining and knowledge discovery Process, OLAP, Types and business application of data mining 
■^"E-business strategy, supply chain/value chain analysis and Porter’s model, role of e-commerce in 
competitive strategy 
■flP" E-banking, ERP 

Legal/policy issues in e-commerce —salient features of Electronic Transactions Ordinance, 2002 in 
Pakistan 

Territorial jurisdiction 
Cyberspace 

4BP" Issue of ISP’s liability, 
crimes 

Suggested books 

4|P“ Electronic Commerce (4th edition) by Gary P. Schneider 

4BP" Electronic Commerce : Security, Risk Management and Control by Greenstein & Feinman 
Electronic commerce — A Managerial Perspective by Turban et al. 

Absolute Beginner’s Guide to Networking (3rd edition) by Joe Habraken 
■flP- Creating a Web Page (5th edition) by Paul Mcfedries 
■flP- Web Security, Privacy & Commerce by Garfinkel & Spafford 
■flP" Data Mining — Concepts & Techniques by Han Kamber 
■flP" E-commerce — Strategy, Technologies and Applications by David Whiteley 
■flP" Internet Law in Canada (6th edition) by Michael Geist 


and conflict of laws, online contracts, online defamation, Copyright in 
domain-name and trade mark conflicts, privacy issue on the internet, Cyber 


© Copyright Virtual University of Pakistan 


1 




E-Commerce - IT430 


VU 


E-Commerce definition 

Electronic commerce is an emerging concept that describes the process of buying and selling or exchanging 

of products, services and information via computer networks including the internet 

E-commerce classification 

A common classification of EC is by the nature of transaction: 

^ Business-to-Business (B2B): electronic market transactions that take place between organizations 
Business-to-Consumer (B2C): retailing transactions with individual shoppers — typical shopper at 
Amazon.com is a consumer 

-flP 1 Consumer-to-Consumer (C2C): consumer sells direcdy to consumers, examples -individuals selling 
in classified ads, auction sites allowing individuals to put up items for auction — e.g, e-bay 
Consumer-to-Business (C2B): individuals who sell products or services to organizations and those 
who seek sellers and conclude a transaction 

^ Intra Business (organizational) EC: all internal organizational activities involving exchange of 
goods, services or information, selling corporate products to employees, online training and cost 
reduction activities 

Non-Business EC: academic institutions, not-for-profit organizations, religious/social organizations 
and government agencies using EC to improve their operations, customer service and reduce expense 

Basic Definitions 

Web client- machine that initiates internet request 

Web server — machine that services internet request 

Browser - software at the client side to interact with web data 

Intranet - an internal network of computers confined to a single place 

Extranet — when two or more intranets are connected with each other, they form an Extranet — e.g, Virtual 

Private Network 

Internet — a global network of networks is defined as internet 

Internet presents a two-way client server communication model as shown in Fig. 1 below: 

Client-Server Model 


What is the WEB? 



Fig-1 


The Web is a protocol that uses the internet as the communication structure. It links documents stored in 
computers that communicate on the internet. It is based on Hypertext Transfer Protocol (HTTP) - native 
protocol of WWW designed for making web page requests. 

HTTP is a four step process per transaction 


1. Client 

Makes an HTTP request for a web page 
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Makes a TCP/IP connection 
2. Sever accepts request 
Sends page as HTTP 

1 Client downloads the page 

2 Server breaks the connection 

HTTP is stateless because in the fourth step the server breaks the connection. We can say, therefore: 

Each operation or transaction makes a new connection 
Each operation is unaware of any other connection 
Each click is a new connection 

Side Effect of HTTP Transfers 

A record is left of all web transaction in a file that resides at the server called common log file. Good news 
is that some user data (record of his visits to the web sites) is recorded in a particular format in the log files. 
Bad news is that user privacy is not maintained. 

What can you do with this data? 

-flp- Rearrange your site by knowing which portions of your web site are popularly accessed and which are 
ignored by the users 

Change your marketing strategy - e.g., you can introduce some promotional scheme for boosting the 
sale of ignored items 

^ Make a mailing list - you can trace the location from where customers are visiting and prepare a mailing 
list for marketing purposes 
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WHAT IS A NETWORK 


Lesson 02 


A network can be anything from a simple collection of computers at one location connected through a 
connectivity media to the internet (a global network of networks). Local Area Network (LAN) is a server- 
based network confined to a particular area/place. Most LANs consist of many clients and a few servers. 

Fig. 1 below shows a simple LAN setup: 



Why networking your computer 

We network our computers to share resources and communicate. We can do networking for: 

1 File sharing 

2 Hardware sharing - printer sharing, for example 

3 Program sharing 

4 User communication through a machine called e-mail server 

Network protocol 

Network protocols are those standard rules using which computers on a network communicate and 
exchange data with each other. A group of protocols that prepare the data for communication on the 
network is called the Protocol stack. 

International organization for standard’s (ISO) model 

In 1970’s came ISO’s OSI model - a conceptual model for network communications. OSI stands for Open 
System Interconnection Reference Model and it proposes a 7 layer architecture. Each layer (except physical 
layer) at the sending machine sends instructions through its header to the receiving machine as to how the 
accompanying data be interpreted or treated by the receiving machine. Header is a piece of information 
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which is attached to the data at its beginning by each layer except the physical layer. The process of moving 
the data down the OSI Protocol stack at the sending machine is called Encapsulation, and the process of 
moving the data up the OSI stack at the receiving side is called De-encapsulation. Fig. 2 below shows names 
of the 7 layers of the OSI model which are numbered from bottom up. 


ISO OSI model 


Sender Side 


Application layer 
Presentation layer 
Session layer 
Transport layer 
Network layer 
Data link layer 
Physical layer 


Receiver Side 


Application layer 
Presentation layer 
Session layer 
Transport layer 
Network layer 
Data link layer 
Physical layer 


Application layer 


Fig. 2 


It sits at top of the OSI model. Requests related to file transfer and database queries are handled by this 
layer. Two very important protocols, namely, HTTP and FTP (file transfer protocol) operate at this layer. 

Presentation layer 


It is the translator of the OSI model. It provides instructions through its header that how the accompanying 
data should be formatted by the receiving machine. MIME-multipurpose internet mail extensions protocol 
operates at this layer to define file formats and data types 

Session layer 


It provides instructions about the nature of communication link between the sending and receiving machine 
during a session. A combination of protocols called Session Protocol Data Units work at this layer. Three 
modes of communication are simplex, half-duplex and full-duplex. Simplex means communication in one 
direction only. Half-duplex means communication in two directions but one party can send data at a time. 
Full-duplex means communication in two directions while both parties are able to send data simultaneously. 
It also places special checkpoints on data packets to trace any lost packets. 


Transport layer 

TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) operate at this layer. It has two 
functions. It converts the data into data packets. Secondly, it is responsible for flow control of data. TCP is 
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more reliable as it is acknowledgment based as opposed to UDP which does not use any system of 
acknowledgment for the delivery of data packets. 

Network layer 

It is responsible for providing IP addresses on data packets using IP protocol. Routing Information 
Protocol (RIP) also operates here which enables routers to build their routing table. Another protocol, 
Address Resolution Protocol (ARP) is also designed to operate at network layer. 

Data link layer 

It places data packets into data frames. Network Interface Card Drivers/Protocols operate at this layer. It is 
used to identify MAC or hardware address of computer machines. A mathematical calculation, Cyclical 
Redundancy Check (CRC), takes place here to confirm integrity of data frames. 

Physical layer 

It has got no header. All information including the header information is converted into binary data at this 
layer. It results into the generation of electric signals as Is and Os are queued up and travel along the 
connectivity media to the receiving side. 

Internet layers- TCP/IP stack 

Internet communication model (TCP/IP Stack) proposes a 4 layer architecture. Following are the names of 
internet layers that map with the OSI model’s layers: 

Application layer is equivalent to OSI model’s Application, Presentation and Session layers 
Host-to-Host Layer is equivalent to OSI model’s Transport layer 
-sF- Internet layer is equivalent to OSI model’s Network layer 
■#- Network Access layer is equivalent to OSI model’s data link layer 
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This mapping of layers is also shown in Fig. 3 below: 


TCP/IP Stack Mapped To OSI Model 

OSI Model TCP/IP Stack 



Fig. 3 

In the following table (Fig. 4) there is a list of important protocols that operate at the TCP/IP stack. 


TCP/IP Protocol Stack 
Members 


HTTP 

Used for web page requests 

Telnet 

Terminal Emulation Protocol connects a local computer with a 
remote computer 

FTP 

File Transfer Protocol provides an interface and services for file 
transfer over the network upload from local to remote & vice versa 

SMTP 

Simple Mail Transport Protocol provides e mail services on the 
internet 

TCP 

Transmission Control Protocol connection oriented transport protocol 

K dp 

User Datagram Protocol connectionless transport protocol 1 


Internet Protocol provides basis for IP addressing on the network 


Address Resolution Protocol maps IP address to MAC hardware 
address 


Routing Information Protocol Routing protocol used by routers to 
determine the best path for packets on the network 


IP addressing 


Fig. 4 


It is the logical addressing scheme used to identify computer machines on the internet. Each computer has a 
unique IP address provided by IP protocol for a given session. It is represented by four decimal numbers 
separated by a period e.g, 140.57.220.200 (see Fig. 5 below). Computers see this information as a stream of 
32 bits. 
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Fig. 5 


You can look at figures 6 to 8 below to revise the basic concept of conversion of decimal numbers into 
binary and from binary into decimal. 


Getting the binary bits:Example 


140.57.220.200 



/ I 1 \ 

140 57 220 200 



10001100 


00111001 


11011100 


11001000 



Fig. 6 
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Decimal To Binary 

2 

57 

2 

28 — 1 

2 

14_0 00111001=57 

2 

7 — 0 


3 — 1 

\ 

1 — 1 

23 

_FjgJ_ 


Binary To Decimal 


2 0 *l+2 1 *0+2 2 *0+2 3 *l+2 4 *l+2 5 *l 

+2 6 *0+2 7 *0=57 


Fig. 8 



Classes of IP address 

There are five classes of IP addresses, namely, A, B, C, D and E. Classes A, B and C are for general public 
use, whereas Classes D and E are used by people belonging to certain special groups. To find which class a 
particular IP address belongs to, the rule is to look at the number in the first byte. If this number falls 
within the calculated range of a specific class, then we can say that this IP address belongs to such particular 
class. 
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Fig. 9 below explains the logic how we can calculate these ranges: 


Look again at binary 
addresses???? 


> Classes of networks A,B,C,D and E 

> Network number starting with 0 

- 0111 1111 is the biggest number equal to 127 in decimal 
So, 0 127 is the range of class A networks 

> Network number starting with 10 
1000 0000 is equal to 128 in decimal 

- 1011 1111 is equal to 191 in decimal 

So, 128 191 is the range of class B networks 
^ Network number starting with 110 
□L100 0000 is equal to 192 in decimal 
BuOl 1111 is equal to 223 in decimal 
^d, 192 223 is the range of class C networks 
^Wetwork number starting with 111 
Bp, 224 255 is the range of class D & E networks 
fecial multicast and experimental groups 

> Only first byte tells network class 


Fig. 9 

By rule, in class A networks first byte would refer to the network address and the remaining three bytes to 
the host machines on that network providing a very large network. In class B, the first two bytes indicate 
the network address and the last two bytes indicate the host machines on that network giving rise to a 
medium-sized network. In class C, first three bytes refer to the network address and the last byte to the host 
machines on that network, which would therefore be a very small network. (See Fig. 10 below) 


Classes 


► Class A B large networks (net 1 byte/host3) 


0 Network host 


Class B medium networks (net 2 bytes/host 2) 


1 0 Network 


Class C small networks (net 3 bytes/host 1) 


110 Network 


Fig. 10 
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Lesson 03 

HOW MANY CLASS A, B, C NETWORKS AND HOSTS ARE POSSIBLE? 

Note that 126 class A networks are possible (0 and 127 are not used for general purposes). Each class A 
network can accommodate a maximum of 16 million hosts on it. There are 16384 class B networks possible 
and each can host upto 65000 host machines. There are 2 million class C networks possible each having the 
capacity to accommodate upto 256 host machines on it. 

Subnet mask 

An IP address is meaningless for the computers unless it is accompanied by a subnet mask. It tells to the 
computer machines that what part of the accompanying IP address corresponds to the network address and 
what part corresponds to the host machine on that network. A subnet mask is also represented by four 
decimal numbers separated by a period. Default subnet masks for class A, B and C types of IP addresses are 
as under: 

Class A: 255.0.0.0 
Class B: 255.255.0.0 
Class C: 255.255.255.0 

IP version 

The existing IP scheme (version 4) is likely to be replaced by IP version 6. It would provide 128 bits IP 

38 

addresses in hexadecimal format. According to an estimate a total of 3.4 x 10 addresses would then be 
available. 

Domain name system 

A Domain Name is a user friendly name used to locate a web site on the internet. For example, vu.edu, 
bestcomputers.com etc. Domain Name System (DNS) provides the structure and the strategy that is used to 
refer to computers on the internet by these user friendly names. Domain Names are Unique. They are 
assigned as one has to pay and register for them. With the help of DNS a domain name is translated into its 
corresponding IP address (see Fig. 1 below). A fully qualified domain name is processed from right to left 
for its translation into the corresponding IP address. A fully qualified domain name can be made up of a top 
level domain (TLD), second level domain (SLD) and subdomains, as shown in Fig. 2 below. Seven 
popular TLDs are “.com,.edu,.org,.gov,.net,.countryname,.int”. SLDs represent the name of a 
company/institution/entity. Subdomains represent the geographical or functional units of a 
company/institution etc. 
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How do we get the IP address? 

Domain name servers translate the domain name to IP 
address. 


Fig-1 



Web server 



cs . vu . edu 


Sub 

Domain 


SLD 


TLD 



8 


Fig. 2 

Name resolution 

The translation or resolution of a fully qualified domain name into its IP address takes place using the 
hierarchy of special computer machines called Domain Name Servers. A DNS server is a server on the 
network that maintains a database/table that contains the list of domain names and their corresponding IP 
addresses. The name servers for TLDs are also called Root Name Servers. There is a program called 
‘Resolver’ built into the browser, which sends the request for resolution of the domain name to the machine 
called Local Name Server. Local name server then contacts the root name server, which looks into its 
database and where possible provides the IP address of the name server below in the Hierarchy. Hence in a 
similar number of steps the fully qualified domain name is completely translated into the IP address of the 
web server where the requested web page is stored. The process of name resolution has been shown in an 
example in Fig. 3 below: 
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Name Resolution 



Getting domain names and IP addresses 

Domain names are administered in a hierarchy. At the global level the task of registration/administration of 
domain names is supervised by the organization called Internet Corporation for Assigned Names and 
Numbers (ICAAN). There are organizations working under ICAAN in different regions. For example, 
APNIC is for Asia and Pacific Rim, ARJN for America and South Africa, RJPE-NCC for Europe and 
North Africa etc. Each of the above are further connected to Internet Service Providers (ISPs) at the local 
level. One can register one’s domain name through an ISP also. Similarly, one can lease IP addresses from a 
local ISP apart from the direct sources of IP addresses, that is, APNIC, ARJN or RJPE-NCC. ISPs can use 
a server to dynamically supply the IP addresses to their clients for a session. Such a server is called DHCP 
(Dynamic Host Configuration Protocol) server. 

Media access control (MAC) address 

Data to be delivered on a network has to be converted first into serial transmission. This is done through a 
device called Network Interface Card (NIC) that must be installed in a computer on the network. NIC has 
also got printed on it a 48 bits unique address called the MAC or hardware address of the computer 
machine. In other words, it consists of 12 hexadecimal characters and can have different format as shown 
below: 

090017A9B2EF 
09:00:17:A9:B2:EF 
09-00-17-A9-B2-EF 

Whereas the IP address of a computer may change from time to time, its MAC address would remain the 
same unless the existing NIC is replaced with another. It can easily be inferred that there are 248 unique 
MAC addresses possible (which is an unimaginably high number). An organization called Institute of 
Electrical and Electronic Engineers (IEEE) administers the allocation of MAC addresses, worldwide. It 
ensures that there is no duplication of MAC addresses by the manufacturers of NICs. 
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NETWORKING DEVICES 


Lesson 04 


Topology of a LAN means its physical lay out. There are three main types of Network Topology, namely, 
Bus Topology, Star Topology and Ring Topology as shown in Figures 1-3 below. There are two different 
approaches to networking — Server-based and Peer-to-Peer approach. In server-based approach there is a 
centralized server machine that can serve users’ requests for the sharing of resources on a network. 
Contrarily, in peer-to-peer, the machines on the network have an equal capability which means that they can 
act both as a client and a server. 



Fig-1 



Fig. 3 
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Networking devices 
Hubs 

These provide central connection point for a LAN. They organize cables and relay data signals to all 
computers. There are ports on the back of a hub used to connect computers. They come in different sizes 
and shapes. 

Repeaters 

Repeaters regenerate signals. A repeater would amplify the entire electric signal it receives. However, it has 
no capabilities of directing network traffic. 

Bridges 

A Bridge is a combination of hardware and software. It has its own operating system. It helps to conserve 
the bandwidth of a network. Bandwidth is the speed of a network. It indicates how many bits can be 
transmitted across a network in a given time. In case of a bridge, the larger network is physically chopped 
into smaller segments. A bridge can read the MAC (Media Access Control) or physical address of a 
computer on data packets. MAC address is printed on the Network Interface Card. A bridge matches this 
MAC address with the one stored in its table and judges that which particular segment does a data packet 
belong to and accordingly sends that packet to such a segment. It does not allow other packets belonging to 
other segments to spread to a particular segment and hence conserves the bandwidth. (See Fig. 4 below) 



Fig. 4 

Switches 

A switch is also a combination of hardware and software having its own operating system. Like bridges, the 
switches are also used to increase the bandwidth of a network. However, in case of a switch, a network is 
virtually divided into small segments called Virtual LANs or VLANs. Similar type of users can be grouped 
into a VLAN despite that they have no physical proximity or closeness. A switch would read the MAC 
address on a data packet and match it with the list of MAC addresses of the user machines contained in it. It 
then sends data packets only to that machine on a VLAN to which these packets relate. Packets belonging 
to other VLANs are not allowed to enter into a particular VLAN, hence bandwidth increases. 

Routers 

Routers use a combination of hardware and software to forward data packets to their destination on the 
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internet. They are more efficient and sophisticated than bridges and switches. They can divide large 
networks into logical segments called Subnets on the basis of IP addressing scheme. A router can 
communicate with another router on the internet with the help of Routing Information Protocol, and thus 
it can build a routing table. This routing table contains information about different network addresses and 
different routes for delivery of data packets to a host machine on a network. A router is a decision making 
device. When a data packet arrives at a router it reads the network addresses from the IP address on the 
data packet and determines the shortest possible path through which this packet can be delivered to its 
destination. 

Following diagram (Fig. 5) explains how routers on the internet backbone forward data packets by 
determining the shortest possible path for the destination. In this example a client machine Af sitting on 
network no. 140.57 sends data to a web server C B ? hosted at network no. 100. C R1 ? is the router attached to 
network no. 140.57. After consulting its routing table it can find that the shortest possible path for sending 
data to machine C B’ is to forward data packets to C R2’, the router attached to network no. 100. In case there 
is a blockade then‘RF can look for the alternative shortest path. Here, the alternative shortest path for the 
delivery of data packets to ‘B’ can be R1-R3-R4-R2. 



Fig. 5 


Cabling options 
Zi Cooper-based cables 

They are quite commonly used for connecting computers. They have two main types — coaxial and twisted 
pair. In twisted pair there are two further options — unshielded twisted pair (UTP) and Shielded Twisted 
Pair (STP). 

Fiber optic cables 

They are used on the internet. They deliver data at a very high speed. They use glass or plastic filaments and 
the pulses of light as a data transfer method. 

Telephone and electrical wire networks 

They can also be used for connectivity purpose. 

Wireless options 

Wireless options include radio connectivity (wi fi, bluetooth), infrared connectivity and Satellite microwave 
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transmissions. 

Address resolution protocols (ARP) and address resolution protocol (RARP) 

Each computer on the internet prepares a list of its IP address and corresponding MAC address using ARP. 
Through RARP this information is forwarded to a network server. When a data packet arrives at the 
destination router, it inquires about the corresponding MAC address form the network server, inserts it and 
delivers the packet to that MAC address. A data packet therefore needs both IP and MAC addresses to 
reach its destination. (See Fig. 6 below) 



Fig. 6 


Role of ISPs on internet 

Internet Service Providers (ISPs) are those organizations which can provide internet connections, offer 
services of web hosting, newsgroups and internet e-mail etc. They work in a hierarchy. The ISP at the top of 
the hierarchy which is connected with internet backbone is called Internet Access Provider or IAP. An 
internet trunk line or backbone passing through a metropolitan area is also called Metropolitan Area 
Ethernet (MAE). IAPs are connected to MAEs at points called Network Access Points (NAPs). Trunk lines 
allow IAPs to move data. The actual routing of data packets takes place on internet backbone (see Fig. 7 
below). 



Fig. 7 
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BASICS OF HTML 


Lesson 05 


john@hotmail.com is the example of an email address. In order to deliver an email at this address, the part 
‘hotmail.com’ would first be translated into the IP address of hotmail email server through DNS. A message 
sent to John can then be stored in his account lying in the hotmail email server. There are three protocols 
commonly used for emails. Simple Mail Transfer Protocol (SMTP) is used for sending email messages 
between servers. In other words it is used for message uploads. Post Office Protocol 3 (POP3) or Internet 
Message Access Protocol (IMAP) can be used to retrieve messages. They should also be configured with 
SMTP. POP is used to download email to the client machine from the server side and the message is 
deleted from the email server after download. On the other hand, in case of IMAP the message is not 
deleted in the email server and thus can be reopened from another location/machine. 


Hypertext markup language 

Web documents are defined by the Hypertext Markup Language (HTML). It is a language of tags. A tag is a 
special letter or key word enclosed in angular brackets. Most tags have their corresponding closing tags 
represented by the same special letter or key word enclosed in angular brackets but preceded by a slash (/). 
Depending upon which tag is used the enclosed content can then have a specific effect, style or format. 
HTML is case independent. It has a fixed no. of tags and attributes. Attributes are those specific 
words/letters prescribed for certain tags having certain possible values. The browser has the capability of 
reading/interpreting each tag and its attributes used in a code and can show the result accordingly. One can 
see the source code of an HTML page using the option View Source as shown in Fig. 1 below: 

Looking at the Code 

Under the View menu 
Select Source 



Fig.l 

An HTML document starts with <HTML> tag which has its closing tag. The entire text work (including 
tables, images, lists, buttons etc.) is contained within a pair of <body> tag.A <Head> tag can also be used 
before the body tag to provide title and other informationabout the web page. Here is the example of a 
simple HTML document: 


<HTML> 

<HEAD> 

<TITLE> My first page</TITLE> 
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</HEAD> 

<BODY> 

A simple page with just this sentence 
</BODY> 

</HTML> 

Result is shown in Fig. 2 below. 





Fig. 2 


Text formatting 

-Paragraph tag <p> can be used for text formatting e.g, <p Align=“Center”>Education provides a better 
understanding of life</p> the enclosed sentence would accordingly be displayed in the center of the screen 
due to attribute align and its value ‘center’. One can also use Left or Right as values for the attribute ‘align’. 
<br> tag is used to provide a line break. 

-<center>Education provides a better understanding of life </center> would align the 
enclosed text in the center. 

-<b> and </b> are used for bold text. 

-<i> and </i> are used for italic text. 

-<u> and </u> are used of underlined text. 

-<big> and </big> for bigger font size. 

-<small> and </small> for smaller font size. 

Font tag 

Font tag defines various font properties. ‘Size’, ‘face’ and ‘color’ are its attributes. Attributescan be used 
simultaneously in a tag as you can see below: <font size=5 color=red face=Arial>internet and e- 
commerce< / font> 

Example code 


<HTML> 

<HEAD > < /HEAD > 

<BODY> 

<Hl>This is my main tide</Hl> 

<p>Here is the first paragraph. This is some <b><i>bold text</i></b></p> 
<pxfont face=“Arial”>This text is in the Arial font.</font> 

</BODY> </HTML> 
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Result is shown in Fig. 3 below. 




i i ‘J"h# i tt-nfi '■ y ■ It r m 1 

1 Mil JMFSjiTlri lilll#k In 







Heading in HTML 


Fig. 3 


Six different levels of headings can be created in HTML. Their syntax is given below: 
<H1> Level 1 — largest text </Hl> 

<H2> Level 2 </H2> 

<H3> Level 3 </H3> 

<H4> Level 4 </H4> 

<H5> Level 5 </H5> 

<H6> Level 6 — smallest text </H6> 


Creating basic HTML 


For creating/viewing a web page take the following steps: 

1 Open a text editor like Notepad or WordPad 

2 Type away 

3 Save as a “text” file and call it filename.html 

4 Start up a browser 

5 Open up your file 

6 File menu -> Open 

7 Browse to find your file 

8 Click open and OK 

9 To make changes go back to the text editor 

10 Make your changes and SAVE 

11 Go back to the browser 

12 Reload — use ‘Refresh’ icon or ‘Refresh’ button in the View menu or F5 

List in HTML 


<UL> and </UL> are used to create unordered list. <OL> and </OL> are used to create the ordered list. 
Use <LI> and </LI> tags in between as shown below: 

<HTML> <Body> <UL> 

<LI>Iteml</LI> 

<LI>Item2</LI> 

<LI>Item3</LI> 

</UL><P> <OL> 

<LI>Iteml</LI> 

<LI>Item2</LI> 

<LI>Item3</LI> </OL> 
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<P> 

<hr width=50% size=5 Align= center noshade></Body></HTML> 
Result is shown in Fig. 4 below. 
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Fig. 4 

Note that <hr> tag is used to create a horizontal line. Width, size, align and noshade are its attributes. 
<hr> and <br> tags do not have corresponding closing tag. You can also use square, disc or circle type of 
bullets,e.g, <UL Type=“Square”>Square</UL>. In case of ordered list the default list is in the format 

1,2,3_You can also use lowercase letters (a,b..) uppercase letters (A,B..) small Roman numerals (i,ii..) and 

large Roman numerals (I,II..) in the ordered list e.g; <OL 

Type=“a”><LI>First></LI><LI>second</LI></OL> 

Applying images in HTML 

To apply an image in html, use <img> tag. Also, use attribute C src ? and keep the name of the image file as its 
value. Browser would display the image corresponding to the place where you have used the image tag in 
your code. See the following example code: 

<HTML> <BODY> <HI>On Sale Cassettes</Hl> <Img Src=“cassette.gif”> </Body></HTML> 

Result is shown in Fig. 5 below. 
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Fig. 5 


Commonly used formats of image files are .gif, .jpg etc. Common attributes of image tag are shown below, 
for example: <Img Src=“cassette.gif” width=“80%” height=“50%” Align =t "Middle”> Width and height 
attributes specify size of the image and align attribute specifies the positionof the image on the page. 
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Downloading graphics 

To download an image from the web, do the following: 

1. Right click on the image. 

2. Choose ‘Save Picture’ or ‘Save Picture As’. You can rename the image but you cannot change its type. 

3. Select a place to save your image. It is usually easiest to reference images if you save them in the same 
folder as your HTML document. 

4. Make a reference to the image in your html document using the <img> tag. Note that you can also 
create your own images using a graphics package. 
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BASICS OF HTML 


Lesson 06 


Hypertext links are used to connect HTML documents. Text can be links. Images can be links. Links can by 
used for email also. An attribute ‘href is used in anchor tag <A>, and its value is set as the URL of a web 
page or a file name which is required to be opened by clicking the hyperlink. Content enclosed between 
<A> and </A> becomes clickable. See the following example: 

<HTML> 

<BODY> 

<Hl>Computer Science</Hl> 

Welcome to <A HREF= http:/ /www.vu.edu > Virtual University</A> in 
Pakistan 


</BODY> 

</HTML> 

Result is shown in Fig. 1 below* 




i ufiY v. i ii nii 

■■ ^ 


eui 



O 

O 

« ^ t#5t 



■ C ■Bui—' 

11 rjE? ■ ■■ i-h-. 



C'oiupii K't' Si’k’ncv 

Wrlrticnr 4a "n im.iI I 'iy> >- i -.r-, in xni 


Fig.l 

In order to create a mailto link, one should use the following syntax: <A 
HREF = mailto:vtv@hotmail.com > email address</A> 

Changing colors in a page 

In order to provide a specific background color to a web page, an attribute ‘bgcolor’ is used in the body tag. 
We can also use ‘text’ and ‘link’ attributes, respectively, in the body tag to assign font colors to our text and 
hyperlinks, as indicated below: 

<BODY bgcolor=“Green” text=“white” link=“red”> Instead of giving the color name as value of 
‘bgcolor’ one can also provide value in terms of a six digit code based on hexadecimal numbers called RGB 
values, e.g, #00FF00 refers to pure green color. RGB values are set according to following rule: 

Red Green Blue 

Where we want to provide an image as a background for the page then the ‘background’ attribute is used in 
the body tag keeping its value as the name of that image file, e.g, <BODYbackground=“filename”>. 
Consider the following example: 

<HTML> 

<BODY bgcolor=yellow text=red link=blue > 

<H1>Computer Science</Hl> 

Welcome to <A HREF= http:/ /www.vu.edu > Virtual University</A> in 
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Pakistan 

< /BODY > < / HTML> 

Result is shown in Fig. 2 below. 



Fig. 2 

Meta information 


Meta information is the information about the web page content, and is located in the <HEAD> of your 
HTML documents. It helps make documents easier to locate through search engines. Meta tag is used 
within the head tag for this purpose, as shown in the example below: 

<html> <head> <title>Introduction to e-commerce</title> <Meta name=“description” content=“E- 
commerce is a newly emerging field that uses internet as a medium of communication”> <Meta 
name—“keyword” content=“e-commerce, internet, medium, communication”> </head> <body> Page 
goes here</body></html> 

T ables 

Tables are used largely for page layout as well as for displaying information systematically. Any content that 
can go in the body of an HTML page can go inside of a table. It must accommodate the content put inside 
it. Tables are built row-by-row from the top to the bottom of the table. 

Basics tags 

Tables use the basic tag <Table> and </Table>. All other table tags fit between these two tags. <TR> 
(table row tag) and </TR> (corresponding end tag) are used to create/add a row. <TD> (table data tag) 
and </TD> (corresponding end tag) are used to divide a row into number of columns to create cells. 
<TH> (table header tag) and </TH> (corresponding end tag) labels each column as a heading. To provide 
the caption of a table <caption> and </caption> can be used. 
A basic 2 row, 2 column table 

<HTML><BODY><Table 
Border= 1 > <TR> <TD > Celll < / 

TD> Cell 1 
Cell 2 

<TD>Cell2</TD ></ TR><TR> Cell 3 
Cell 4 

<TD>Cell3</TD><T>C 
ell4</TD></TR></Tab 
le>< /BODY ></ HTML 
> 
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Spanning text across multiple rows or columns 

Attributes ‘colspan’ and ‘rowspan’ are used in <TD> tag for spanning the cells to a particular no. of 
columns or rows, respectively, as is shown in the examples below: 

<HTML> <HEAD><TITLE> Example - COLSPAN </TITLE> </HEAD> <BODY> <TABLE 
BORDER="l” align=center> <CAPTION>Spanning the text</CAPTION> <TR> <TD 
COLS PAN="2">This line is extended to two columns</TD> <TD>This does not</TD> </TR> 
<TR> <TD>First Column</TD> <TD>Second Column</TD> 

<TD>Third Column</TD> </TR> 

</TABLE> 

</BODY> 

</HTML> 

Result is shown in Fig. 3 below: 


3 l.afliuplr - f.Ul SMN - Mkr?wll liilmwtb^lurfi 


Ts Eat fflfh *by:*iIb Toe* hw 

*. i i / c < rr ' kl C 1 T r v ‘ 0 -t 

dir 

flu? kit:% id rdmiau Thi? dw? rl>: 

Fill C-jIuuui Sramd C shim Thoii Cdimui 


Fig. 3 

<HTML> <HEAD><TITLE>Spanning Text</TITLE> </HEAD> <BODY> <TABLE 
BORDER="l"> < CAPTION > Example - ROWSPAN</CAPTION> <TR> <TD 
ROWSPAN="2">This line is stretched to two rows</TD> <TD>First Row</TD> </TR> <TR> 
<TD>Second Row</TD> </TR> <TR> <TD>This does not</TD> <TD>Third Row</TD> 
</TR> </TABLE> </BODY></HTML> Result is shown in Fig. 4 below. 
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Fig. 4 


Table tag attributes 


Border - <table border=“5”> displays the cell boundaries, accordingly. Width - <table width=“75%> sets 
the width of the table, accordingly. Height - <table height=“100%”> sets the height of the table, 
accordingly. Cellpadding - <table cellpadding=“10”> refers to distance between the cells in pixels. 
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Cellspacing - <table cellspacing=“5”> refers to distance between cell boundaries andcontent enclosed in 
terms of pixels. Color - <table bgcolor=“#cccccc”> provides background color to the table (you can also 
provide color name instead of RGB value code). <table background=“tablebg.gif’> supplies an image in 
the table background. 

Attributes for <TD> tag 

Width - <td width=“50%”> specifies width of a cell with reference to the table width. Align - <td 
align=“center” > is used to align the text in a cell accordingly (you can also use left and right as values of 
‘align’). Valign- <td valign=“top”> is used to vertically align the text in a cell (you can also use bottom or 
middle as values of Valign’). 

Using a table to set up a page with a margin 

Set the table’s height to 100% using the <table> tag’s height attribute. First column is the margin. Use 
‘bgcolor’ or ‘background’ attribute to define color or image for the margin. Also set width of the margin as 
desired. Second column is where one can put all the regular text and the graphics. Note the following 
example: 

<HTML> <HEAD><TITLE>A Page with a Left-Hand Margin</TITLE> </HEAD> <BODY 
LEFTMARGIN="0" TOPMARGIN="0" MARGIN WIDTH=" 0" MARGINHEIGHT="0"> <TABLE 
HEIGHT= ,f l00% M > <TR> 

<TD BACKGROUND=“image2.gif' WIDTH= M 100 M >&nbsp;</TD> <TD VALIGN="TOP"> This 
section contains the contents of your web page. </TD> </TR> </TABLE> </BODY> </HTML> 

Result is shown in Fig. 5 below. 
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Fig. 5 


‘&nbsp;’ is the code for a blank space in HTML. 

Forms 

A form is a web page populated with text boxes, drop-down lists and commands buttons to get information 
from the user. Its basic tag is <form> and </form>. ‘Action’ and ‘Method’ are the two attributes used in 
the form tag as shown below to transport the information received form the user to a particular URL or a 
file: <Form action= http:/ /www.forms.com Method=post> 

Types 

Submit/Reset button Text boxes Text area Check boxes Radio buttons Lists 

Submit and reset button 

To create a submit or reset button use the following instruction within the form tag: <Input type=“submit” 
value=“label”> <Input type=“Reset” value=“label”> 

“Label” is the value that appears on the button. You may not want to use ‘value’ attribute. When the submit 
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button is clicked, the form data is shipped to the URL specified by the <form> tag’s action attribute. 

Text boxes and text area 


To create a text box the value of ‘type’ attribute is set as ‘text’ in the input tag. To create abigger box called 
text area we use <Textarea> and </Textarea> tag. The size of the text area is fixed on the basis of value of 
attributes ‘cols’ and hows’. Note the following example: 

<HTML> <HEAD><TITLE>Text Area Example</TITLE> </HEAD> <BODY> <H3>Today's 
Burning Question</H3> <FORM ACTION="http://www.gov.pk/scritps/test.asp" 

METHOD="POST"> First Name: <INPUT TYPE="TEXT" NAME="First” > 

<P> 

Last Name: <INPUT TYPE= n TEXT n NAME="Last"> 


<P> 

Today's <I>Burning Question</I>: <B>How to make Pakistan a developed 
country? </B> 

<P> 

Please enter your answer in the text area below: <BR> <TEXTAREA NAME="Answer" ROWS="10" 
COLS="60"> </TEXTAREA> 

<P> 

< INPUT TYPE="SUBMIT" VALUE="I Know!"> <INPUT TYPE="RESET" > </FORM> 
</BODY> </HTML> Result is shown in Fig. 6 below. 
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Fig. 6 


In the above example ‘name’ attribute used in ‘input’ and ‘textarea’ tags is the unique name for the field. A 
field name is the information normally used by the server side to respond to the client side after the form 
has been submitted to it. 
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Lesson 07 

TEXT BOXES, CHECK BOXES, RADIO BUTTONS 

-<input type=text Name=“URL” Value=http://> - here Value’ attribute would pre-fix the information in 
the text box which is given as its value (e.g, http://) 

-<Input type=text Name=“address” size=“40”> -‘size’ is used to set size of the box. 

-<input type=text Name=“age” maxlength=“3”> -‘maxlength’ limits the length of the text in the text box. 

Check Boxes 

Check boxes are normally used to get yes/no or true/false information from a reader. Syntax is to keep 
value of ‘type’ attribute as ‘checkbox’ in the input tag. Using ‘checked’ attribute certain values can be 
displayed pre-checked in the checkbox. Moreover, ‘Name’ attribute indicates the unique field name for a 
checkbox. 

Example — Check box 

<HTML> <HEAD><TITLE>Check Box Example</TITLE> </HEAD> <BODY> <H3>Describe 
Your Phobia!</H3> <FORM ACTION=http://www.sad.com/scripts/formtest.asp 
METHOD=’’POST”> What is <I>your</I> phobia? (Please check all that apply): 

<P> 

<INPUT TYPE="CHECKBOX" NAME=“Water M >Fear of water<BR> <INPUT 
TYPE="CHECKBOX" NAME="Bald">Fear of becoming bald<BR> <INPUT TYPE="CHECKBOX" 
NAME=“Lock”>Fear of being locked inside<BR> <INPUT TYPE="CHECKBOX" NAME="Flying" 
Checked >Fear of flying<BR> 

<P> 

<INPUT TYPE="SUBMIT" VALUE="Submit"> <INPUT TYPE="RESET"> </FORM> </BODY> 
</HTML> 

Result is shown in Fig. 1 below. 
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Radio buttons 


Instead of yes/no choices, you might want your readers to have one choice out of many options. For that 
Radio buttons can be used. General format <input type=“radio” Name=“field name” value=“value”> You 
supply the same field name to all the radio buttons that you want to group together. ‘Value’ is the unique 
text string that specifies the value of the option when it is selected. 

Example — Radio button 

<HTML> <HEAD><TITLE>Radio Button Example</TITLE> </HEAD> <BODY> 

<H3>Survey</H3> <FORM ACTION="http://www.sad.com/scripts/formtest.asp" 

METHOD="POST" > Which of the following best describes your current income 
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level:<BR><BR><INPUT TYPE="RADIO" NAME=“Income" VALUE="Poverty" >living below the 
poverty line<BR> <INPUT TYPE= "RADIO" NAME=“Income" VALUE=“Middle” Checked>Hving at 
the level of middle class<BR> <INPUT TYPE="RADIO" NAME=“Income" VALUE=“Upper">living 
at the level ofupper class<BR><BR> 

Which of the following best describes your political inclination :<BR><BR><INPUT TYPE—"RADIO" 
NAME="Politics" VALUE=“Nationalist" CHECKED>Worker of NationaHst Party<BR> <INPUT 
TYPE="RADIO" NAME="Politics" VALUE=“Socialist" >Member of SociaHst Party<BR> 

<INPUT TYPE-"RADIO" NAME="Politics" VALUE=“Republican">Supporter ofRepublican 
Party<BR> <INPUT TYPE-’RADIO" NAME=" Politics" VALUE=“None">None of the above<BR> 
<P> 

<INPUT TYPE="SUBMIT" VALUE="Submit" > <INPUT TYPE="RESET"> </FORM> </BODY> 
</HTML> 

Result is shown in Fig. 2 below. 
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Selection lists 


General format <select name=“field name” size=“no. of items”> Between the <select> and </select> 
tags are the <option> and </option> tags whichdefine the list items. If you omit “size” the list becomes a 
drop-down list. If size is two or more, the list becomes a rectangle with scroll bars for navigating the 
choices. Using ‘Selected’ attribute an item is selected by default. Multiple attribute allows the reader to select 
multiple items from the list. 

Example - lists 

<HTML><BODY> <FORM ACTION="http://www.sad.com/scripts/formtest.asp" 
METHOD="POST"> Select your nationality :<P> <SELECT NAME=“Nationality" SIZE="4"> 
<OPTION>American</OPTION> 

<OPTION>Australian</OPTION> <OPTION>Hungarian</OPTION> 
<OPTION>Indian</OPTION> <OPTION>Iranian</OPTION> <OPTION 
SELECTED>Pakistani</OPTION> <OPTION>French</OPTION> </SELECT><P> Select your 
favorite city:<P> <SELECT NAME="City"> <OPTION>Sydney</OPTION> 
<OPTION>London</OPTION> <OPTION SELECTED>Lahore</OPTION> </SELECT><P> 
Countries visited last year:<P> <SELECT NAME=“Countries" SIZE="5" MULTIPLE> 
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<OPTION>Canada</OPTION> <OPTION>Russia</OPTION> <OPTION>England</OPTION> 
<OPTION>Egypt</OPTION> <OPTION>Saudi Arabia</OPTION> </SELECT> 

</BODY > < / HTML> 

Result is shown in Fig. 3 below. 
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FRAMES AND IMAGES IN HTML 


Lesson 08 


The concept of frames is used to set up a site so that one page remains in view in part of the browser screen 
while the visitors can use the rest of the screen to view other pages using hyperlinks. 

General format 


<Frameset> and <Frame> are the two basic tags. This concept uses two different types of pages — 
frameset page and content pages. Frameset page divides the browser window into a set of frames and 
defines the size of each frame. It also specifies which content pages are displayed in which frame. It has no 
body section (no body tag). Content pages are just regular HTML pages. 

Dividing the screen horizontally 

<HTML> 

<HEAD> 

<TITLE>Horizontal Frames</TITLE> 

</HEAD> 

<FRAMESET ROWS="25%,75% M > 

< FRAME > 

< FRAME > 

</FRAMESET> 

</HTML> 

Result is shown in Fig. 1 below. 



Fig.l 

Dividing the screen vertically 


<HTML> 

<HEAD> 

<TITLE>Vertical Frames</TITLE> 
</HEAD> 

<FRAMESET COLS="20%,60%,20%"> 
<FRAME> 

< FRAME > 

<FRAME> 

</FRAMESET> 

</HTML> 
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Result is shown in Fig. 2 below. 
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Frames with content - frames.htm <FITML> <F[EAD><TITLE>Horizontal Frames with 
Content</TITLE> </HEAD> <FRAMESET ROWS="25%,75%"> <FRAME SRC="l.htm“ 
Name=“upper”> <FRAME SRC="2.htm“ Name=“lower”> </FRAMESET> </HTML> Result is 
shown in Fig. 3 below. 
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Fig. 3 


Note that contents of the files l.htm and 2.htm are displayed in Fig. 6 in the upper and 
lower frames, respectively. 

Code - l.htm <HTML> <HEAD><BODY> <Hl>This text is from l.HTM</Hl> </BODY> 
</HTML> Code - 2.htm <HTML> < HEAD ><TITLE horizontal Frames with links</TITLE> 
</HEAD> <BODY> <Hl>This text is from 2.HTM</H1> <H1><A HREF=“3.htm" 

TARGET="lower”>This is a link to 3.HTM</A></H1> </BODY> </HTML> 

Note that ‘target’ is an attribute of the <A> tag . Specifying its value as ‘lower’ would mean that contents of 
file 3.htm should open in the frame named ‘lower’ on clicking the clickable sentence, as shown in Fig. 4 
below. 
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Code - 3.htm 
<HTML> 

<HEAD> 

<TITLE>Hori 2 ontal Frames</TITLE> 

</HEAD> 

<BODY> 

<Hl>This text is from 3,HTM</H1> 

<H1><A HREF=“2.htm" TARGET - "lower" >This is a link back to 2.HTM</A></H1> 

</BODY> 

</HTML> 

Ready-made names for frames 

Target=“_self ’ — loads the new page into the same frame that contains the link Target=“_top” - loads the 
new page into the entire window Target=“_blank” — loads the new page into a new browser window 

Some frame attributes 

- NORESIZE — used in the <frame> tag, prevents the surfers from changing the size of the frame 

- SCROLLING — this attribute determines whether a scroll bar appears with a frame (e.g, 
Scrolling=“yes” in the <frame> tag makes it appear) 

- BORDER or FRAMEBORDER — Set this attribute to 0 for not displaying a border between the 

frames 

Nesting frames 

We can further divide a frame into different frames. This concept is called nesting of frames. 

See the following example in this regard: 

<HTML> <HEAD><TITLE>Nested 
Frames</TITLE> </HEAD> <FRAMESET 
ROWS="25%,75%"> <FRAME SRC-T.htm" 

NAME="upper"> 

<FRAMESET COLS="50%,50%"> <FRAME SRC="2.htm" NAME="lower"> <FRAME 

SRC="3.htm" NAME="right"> </FRAMESET> 

</FRAMESET> 

</HTML> 
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Result is shown in Fig. 5 below. 



This text is from 3.HTM 
This is a link back to 2.HTM 


Fig. 5 

Images can be links, too 

We can make images clickable as shown in the following example: 


<HTML> <HEAD><TITLE>Images Can Be Links, Too</TITLE> </HEAD> <BODY> Click this 
house <A HREF=“main.htm"><IMG SRC="home.gif" ></A> to return to my home page. </BODY> 
</HTML> Result of this code is shown in Fig. 6 below. 



Address u\txamples\chapuy\backhome.htm 


Click this house If^J to return to my home page. 


Images can be maps, too 


Fig. 6 


An image map is a web page graphics with several defined ‘clickable’ areas. To create an image map perform 
three steps: 

1. Decide which distinct image regions you want to use and then determine the coordinates of each 
region. 

2. Use the <Map> and <Area> tags to assign a link to each of these regions. 

3. Add a special version of the <IMG> tag to your web page. 

Step 1: determine the map coordinates 


A pixel is a point marked on computer screen. Typically computer screen arranges pixels in 800 columns by 
600 rows. A pixel can be identified by giving its column no. followed by its row no. (e.g, pixel 10,15). 
Suppose we want to make the following rectangular image (Fig. 7) as an image map. To know the 
coordinates of its different clickable regions one way is to set up an HTML file with a link that uses the 
following format: <A href = “whatever”><Img src=“imagename” ISMAP></A> Load this HTML file 
into a browser and move the mouse pointer over the image. The image co-ordinates of the current mouse 
position appear in the status bar. You can write these coordinates on a piece of paper. 

199,0 599,0 


0,0 


399,0 

A 

B 

C 
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If the rectangular image is 600 pixels in width and 100 pixels in height, and you want to display it at the top 
of the screen dividing it into three equally clickable areas, then you can find the coordinates of each region 
as follows: 

Area A - defined by coordinate 0,0 in the upper-left corner and 199,99 in the lower-right corner Area B - 
defined by co-ordinate 199,0 in the upper-left corner and 399,99 in the lower-right corner Area C — defined 
by co-ordinate 399,0 in the upper-left corner and 599,99 in the lower-right corner 

Step 1: Use <Map> to define the image map 

<Map Name=“Testmap”> <Area shape=“Rect” coords=“0,0,199,99” href=‘‘a.htm’’> <Area 
shape=“Rect” coords=“l 99,0,399,99” href=‘‘b.htm’’> <Area shape=“Rect” coords=“399,0,599,99” 
href=“c.htm”> </Map> Note that we use area tag within the <Map> tag, and use ‘shape’, ‘coords’ and 
‘href attributes of the area tag. ‘href attribute specifies the file which would open on clicking the clickable 
area. 

Step 1: Add the image map to the web page 

For adding the image map to the web page, use the image tag in the format shown below: <Img 
src=“coords.gif ’ usemap=‘‘#Testmap’’> 

Note that you give name of the main image file as value of the ‘src’ attribute. Name of the image map is 
given as value of the ‘usemap’ attribute. 

<Area> tag’s SHAPE attribute 

the “shape” attributes also accepts the values “circle” and “poly” (for a polygon). For a circle, “coords” 
attribute takes three values: the x-coordinate of the circle’s centerpoint, the y-coordinate of the center point, 
and the radius of the circle. For a polygon, the “coords” attribute takes three or more sets of coordinates. 
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Lesson 09 

TAG ATTRIBUTES, SOUNDS FILES, ANIMATIONS 


<Area> tag attributes 

‘alt’ attribute is used to label the clickable region. ‘Target’ attribute can be used to display result in a given 
frame. ‘Nohref attribute can be used to make a region non-clickable. For example, <Area shape=“circle” 
coords=“70,45,25” href=“a.htm” alt=“a.htm” target=“upper” nohref> 


Sound Files 

Sound file formats are: AU,WAV,MP3,MIDI. Sound files can be used in anchor tag as follows: <A 
href= “song.wav”>Click here for some greeting!</A>. We can also embed such files using embed tag. 
Example - Embedding <HTML> <HEAD><TITLE>Example - Embedding</TITLE> </HEAD> 
<BODY> Click the Play button for some nice music:<BR> <EMBED SRC= n Skylar.MP3 M > </BODY> 
</HTML> Result is shown in Fig. 1 below. 



1*0 Is^l €& . ,>^ S3 - Q Q 






J My C.i Mfi|Nilt*t 


<EMBED> tag also supports these attributes: Autostart=“False” — browser does not play the sound file 
automatically when the user surfs the web page Loop=“value” — tells the browser how many times to play 
the file (you can keep the value a number or infinite) Hidden=“True” — browser hides the control There is 
another tag for embedding sound files, that is, <BGSOUND> tag. It is supported by Internet Explorer 
only. 


Animated GIF images 


Use Paint, Paint Shop Pro or some other drawing program to create individual image files that will comprise 
animation. Use a special program such as GIF Animator to specify that these images be displayed 
sequentially, thus creating an animation. Add it to your web page by setting up an <IMG> tag where ‘Src’ 
attribute indicates the GIF file that you have created. Fig. 2 shows five different images that can be 
displayed sequentially using some animation program such that they would create the effect of animation. 



Fig. 2 


Note that you can use ready made animated images also. 

< Marquee > Tag 

Text that we put between <Marquee> and </Marquee> tags scrolls across the screen. Attributes and their 
values: Align=“top” or “bottom” Direction=“”left” or “right” Behavior=“Scroll” or “Slide” or “Alternate” 
Loop=“times” — can set “times” equal to infinite Scrollamount= “pixels” — higher the value of pixels, the 
faster the text scrolls Width=“value” — specifies the marquee width Height=“value” — specifies the marquee 
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height Bgcolor—“color” — specifies marquee background 


Example - Marquee 


<HTML> 

<HEAD> 

<TITLE>Marquee</TITLE> 

</HEAD> 

<BODY> 

Discover this amazing compatibility between 


<MARQUEE ALIGN="BOTTOM" BGCOLOR="SILVER" WIDTH="200" 
SCROLLAMOUNT="4" > 

Islam and Modern Science 
</MARQUEE>! 

</BODY> 

</HTML> 


H Marquee - Microsoft Internet Explorer [World ng Offline] 


File Edit View Favorites Tools Help 

0 i*) \*\ '^'Favcrites ^ j 0’ ^ S 1 Lj Q 'S 


address ^ Citlocumeits and iettings'^aadat^)e5ktop\Z,htin 


Discover this amazing c omp atTbilit> r between Islam and, Modem S deoce |! 


Style sheets 


Fig. 3 


Style sheet instructions can be embedded in the HTML document. An advantage of applying style sheets is 
that definition of the style’s formatting is created once and the browser applies that formatting each time 
the tag is used. Secondly, pages are easier to modify, that is, edit the style definition and all the places where 
the style is used within the page get updated automatically. Most popular type of style sheets is Cascading 
Style Sheets. There are mainly four different methods of using Cascading Style Sheets. 

Method #1: Embedded method 


Give a <style> tag and a </style> end tag into your document. Put the style tags before body tag. Insert all 

your style definitions between the style tags. Example 

<HTML> 

<head> 

< style > 

<!— 

HI {font-size:72pt} 

—> </style> </head> <body><hl>An Example of Embedded Method</hl> </body></html> 
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Result is shown in Fig. 4 below. 


O'- O L^l l£ :v- . 


© : . a ■ 0 


Ail Example of 
Embedded Method 


- El vA» ... 


Fig. 4 

Here, HI {font-size:72pt} is called style definition, ‘font-size’ is called style property and 72pt is the value of 
the property. Style definition is contained within the mark <!—and —>, which is the format for commenting 
out information in HTML. It is better to provide style definitions within the comment tag so that old 
browsers that do not support <style> tag do not treat the style definition as text. 


Method # 2: Linking to an external style sheet 


A separate file is created with the extension ‘.css’, containing your style definitions (see mystyles.css below). 
Use <Link> tag inside a web page header to apply these style definitions, 
mystyles.css: 
hi {colorired} 
p {font-size:34pt} 


Example <HTML> <head> <Link Rel= n stylesheet” Type= n text/css n href=’’mystyles.css"> </head> 
<body><hl>This heading will appear red</hl> 

<p> This line has a 34pt font</p></body> 

< /html> 

Result is shown in Fig. 5 below. 

© / M & - * w - o i 

This hvutiing will tippeur red 

This line has a 34pt font 


Fig. 5 

Method # 3: Inline styles 

It is used where a particular tag is to be given a different style. We use ‘style’ as an attribute in a tag and give 
properties/values in a format as shown in the example below: 

<HTML> 

<body> 
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<hl style—"font-size:40pt">This heading has font-size 40-point</hl> 
</body> 

</HTML> 

Result is shown in Fig. 6 below. 



Fig. 6 
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STYLE SHEETS 


Lesson 10 


Suppose you want all headings to appear in a 24-point font but the first one to appear in a 
40-point font. For that you can use in line style for 40pt font heading. 


Example <HTML> <head> <style> hi {font-size:24pt; Color:Blue} </style> </head> <body> <hl 
style="font-size:40pt;Color:red">This heading has font-size 40-point</hl> <hl>This heading has 24- 
point font-size</hl> </body></html> 

Result is shown in Fig. 1 below. 


■ ^ G i 


This heading has font-size 40-point 

This hemline lias 24-pnint rmii-sl/t 


Fig-1 


Applying a style to a section <DIV> tag is used to divide a page into separate sections. Browser inserts a 
line break before the <DIV> tag and after the </DIV> end tag. By including the “style” attribute inside 
the <DIV> tag, one can apply an inline style to everything inside <DIV> and </DIV> tags. 

Example - <DIV> tag 
<HTML> 

<body> 

<DIV style=“font-size:30pt”> 

<hl>This heading uses a 30-point font</hl> 

This sentence will have 30-point font 

<h2>This heading, too</h2> 

</DIV> 

</body></html> 
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Result is shown in Fig. 2 below. 


|3i C:\Ltocument5 and Setting3\Saadat\Lte5ktop\ 1.htm - Microsoft Internet txplorer - jWorking Uttlinl 
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This heading uses a 30-point font 

This sentence will have 30-point font 


This heading, too 

Fig. 2 

Applying a style to a word or phrase Use <SPAN> and </SPAN> and insert the style attribute inside the 
<SPAN> tag. <SPAN> tag does not provide any line break. Example <HTML> <body> <hl> This 
<Span style= ? Tont-size:40pt">heading </Span> has font-size 40-point </hl> </body> </HTML> 

Result is shown in Fig. 3 below. 


\ 1 •‘my*rrrah - Q "t 

* [#1 C .fJin mill.' mh! _ 


This heading iisis toiit-size 40 -pciiiif 


Method # 4: style classes 


Fig. 3 


They are used when you want to apply a specific style to a number of different tags and sections throughout 
the document. Set up a style class within the <style> tag or within an external style sheet file, e.g; 
Classname {style definitions go here}. Add a “class” attribute to the tags you want the styles applied to and 
put it equal to classname (without the dot). 

Example — style classes <HTML> <HEAD><TITLE>Style Sheets: Style Classes</TITLE> </HEAD> 
<STYLE> <!—.Textl {font-size: 20pt;color:red;text-align:center} .Text2{font-size: 16pt;color:green;text- 
align:center} —> </STYLE> <BODY> <DIV CLASS= n Textl M ><hl>This text is in red</hl></DIV> 
<DIV CLASS=”Text2 M ><h2>This text is in green</h2></DIV> </BODY> </HTML> 


Result is shown in Fig. 4 below. 


1 Si hili- si \\Tl ■ M y !■; 1 I.I> «Mh r ritf 1 Il i[vl lirU * J -k- -■« | Wirt hi lift Of III ik-| 
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Fig. 4 
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Using styles to control fonts 

<HTML> 

<HEAD> 

<TTTLE>Style Sheets: Font Sizes</TITLE> 

</HEAD> 

<BODY> 

Our store offers books on following subjects:<br> 

<SPAN STYLE="font-size: xx-small">Physics</SPAN> <SPAN STYLE=" font-size: x- 
small">Math</SPAN>, <SPAN STYLE=" font-size: small”>Computer Science</SPAN>, <SPAN 
STYLE="font-size: medium ? ’>Literature</SPAN >, <SPAN STYLE= M font-size: large">E- 
commerce</SPAN>, <SPAN STYLE="font-size: x-large"> His tory</SPAN > and<SPAN 
STYLE= "font-size: xx-large">Islam</SPAN> <br> You can also buy <SPAN STYLE="font-size: 
smaller">DVDs</SPAN> and <SPAN STYLE="font-size: larger">music CDs</SPAN>. <br> We 
offer<SPAN STYLE="font-size: 24pt">Greeting Cards</SPAN> too. </BODY></HTML> 

Result is shown in Fig. 5 below. 


^ Style Sheets: Font Sizes - Microsoft Internet Explorer 


Fil= Edit View Favorites Tools Help 

© B 

address 


Our s:ore offers boaks onfcBowmg subjects: 

Fiyaic®. \iath. Computer Scer.ce. Literature. E 
Yon car. iso buy U\.Ds and music CDs. 

We oTerGrCCtlE^ Ctiltls s too. 

Fig. 5 

Font family styles 

<HTML> 

<HEAD> 

<TITLE>Style Sheets: Font Families</TITLE> 

<STYLE> 

<!— 

.fonttypel {font-size: 20pt; font-family: "Times New Roman"} 

.fonttype2 {font-size: 20pt; font-family: Arial} 

.fonttype3 {font-size: 18pt; font-family: "Courier New"} 

-> 

</STYLE> </HEAD> <BODY BGCOLOR= "yellow" > <DIV CLASS="fonttypel">This sentence is 
in Times New Roman</DIV> <DIV CLASS="fonttype2">This one is in Arial Font Type</DIV> 
<DIV CLASS="fonttype3">This is in Courier New Font Type</DIV> <HR> <DIV STYLE="font- 
size:34pt;color:red"> <DIV STYLE=" font-family: Arial">The Arial Font Family</DIV> <DIV 
STYLE="font-family: Tahoma">This line is in Tahoma Font Family</DIV> </DIV> 
</Body></HTML> 


-commerce 


History and Islam 


A 0 IeI 4 

^Favorites ^0 
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Result is shown in Fig. 6 below. 


jil jtyle bheets: I ont I omilies - Microsoft Internet Lxplorer 
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Tliis sctiIcticc is in Times New Roman 
This one is in Arial Font Type 

This is in Courier New Font Type 

The Arial Font Family 

This line is in Tahoma Font Family 

Fig. 6 

Font weight styles 

The font weight controls the thickness of text. Predefined weight values are 
normal,bold,bolder,lighter. Specific weight values are in the range 100 — 900. 


<HTML> <HEAD> <TITLE>Font Weights</TITLE> </HEAD> <BODY bgcolor=yellow> <DIV 
STYLE=”font-size:20pt”> You can find books in this shop on <SPAN STYLE= n font-family: ’Courier 
New’,Courier">subjects such as:</SPAN> <BR> <SPAN STYLE=”font-weight: 

100”>Physics</SPAN>, <SPAN STYLE=”font-weight: 200”>Math</SPAN>, <SPAN STYLE=”font- 
weight: 300”>History</SPAN>, <SPAN STYLE=”font-weight: 400”>Fiction</SPAN>, <SPAN 
STYLE=’’font-weight: 500”>Poetry</SPAN>, 

<SPAN STYLE=”font-weight: 600”>E-commerce</SPAN>, <SPAN STYLE=”font-weight: 
700”>Computer Science</SPAN>, <SPAN STYLE=”font-weight: 800;font- 
style:italic;color:red”>Sociology</SPAN>, <SPAN STYLE=”font-weight: 900;font- 
style:italic;color:red”>Music</SPAN> </DIV></BODY> <HTML> 

Result is shown in Fig. 7 below. 


H I-ont Weights Microsoft Internet Lxplorer 


rile Cdit View Tovorites Tools I lelp 


t=J( 
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You can find books in this shop on sub j ects such as : 

Physics, Math, History, Fiction, Poetry, E-commcrcc, Computer Science, Sociology , 
Music 


Indenting the first line of a paragraph 


Fig. 7 


We can use the property text-indent keeping its value in inches or centimeters. 


<HTML> 

<HEAD> 

<TITLE> Indenting the first line </TITLE> 
<STYLE> 

<!— 

P {text-indent: 0.5in} 

-> 

</STYLE > 
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</HEAD> 

<BODY> 

<P> 

Faith, unity and discipline are the qualities through which we can progress as a nation. The focus of our 
young generation must be on receiving modern education. </P> <P>Religion can play a very important 
role in the life of an individual. Islam teaches a complete way of life. It ensures success in this world and 
hereafter. The need is to understand the real message of Islam. </P> </BODY></HTML> 

Result is shown in Fig. 8 below. 
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Fig. 8 

Aligning the text 

We can use the property ‘text-align’ keeping its value as left, right, center or justify. Consider 
the following example: 


<HTML> <BODY> <TABLE bgcolor=yellow BORDER="l"> <TR> <TD WIDTH="25%" 
STYLE="text-align: left M > Hypertext Markup Language was initially developed in America for military 
purposes. Now it is a popular tool for creating web pages. It is a language of tags. It has a fixed vocabulary. 
It is not case sensitive. </TD> <TD WIDTH= M 25% M STYLE="text-align: center M > Hypertext Markup 
Language was initially developed in America for military purposes. Now, it is a popular tool for creating 
web pages. It is a language of tags. It has a fixed Vocabulary. It is not case sensitive. </TD> <TD 
WIDTH="25%" STYLE= n text-align: right"> Hypertext Markup Language was initially developed in 
America for military purposes. Now, it is a popular tool for creating web pages. It is a language of tags. It 
has a fixed vocabulary. It is not case sensitive. </TD> 

<TD WIDTH="25%" STYLE="text-align: justify" > Hypertext Markup Language was initially developed 
in America for military purposes. Now, it is a popular tool for creating web pages. It is a language of tags. It 
has a fixed vocabulary. It is not case sensitive. </TD> </TR> </TABLE></Body></HTML> Result 
is shown in Fig. 9 below. 
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Fig. 9 


© Copyright Virtual University of Pakistan 


45 








E-Commerce - IT430 


VU 


Text decoration styles 


We can use the property ‘text-decoration’ in inline styles as follows: <HTML> <HEAD><TITLE>Text 
Decoration</TITLE> </HEAD> <BODY> <H2 STYLE= n text-decoration: none"introduction to E- 
commerce</H2> <H2 STYLE="text-decoration: line-through">Introduction to E-commerce</H2> 
<H2 STYLE="text-decoration: overline">Introduction to E-commerce</H2> <H2 STYLE="text- 
decoration: underline">Introduction to E-commerce</H2> </BODY> </HTML> 

Result is shown in Fig. 10 below. 


U Text decoration - Microsoft Internet Explorer 
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Introduction to E-commerce 


Introduction to E-commerce 

Fig. 10 


Working with the upper case and lowercase letters 

The property named “text-transform” is used which has four values — capitalize, lowercase, 
none and uppercase. 


<HTML> <HEAD><TITLE>Style Sheets: Text Transform</TITLE> </HEAD> <BODY> <H2 
STYLE="text-transform: capitalized We love Pakistan</H2> <H2 STYLE="text-transform: 
lowercase"> We love Pakistan</H2> <H2 STYLE="text-transform: none"> We love Pakistan</H2> 
<H2 STYLE="text-transform: uppercase"> We love Pakistan</H2> </BODY> </HTML> 

Result is shown in Fig. 11 below. 
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Fig. 11 


Coloring the web page with color styles 

Using Cascading Style Sheets one can apply a background color or image to sections of one’s 
page or even to individual words. 

Syntax: 
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background-coloriblue 

background-color:#0000FF 

background-image:URL(filename) 


Example — Color Styles <FITML> <FIEAD><TITLE>Backgrounds using Style Sheets</TITLE> 
</HEAD> <BODY> <DIV STYLE="background-color: yellow; color: blue M > This is an example of 
some blue text in yellow background using Style Sheets. </DIV><Br> <DIV STYLE= n background- 
color: green; color: white" > This example uses a different background color and a different font color 
using style sheets. Style sheets provide us more flexibility and a greater editing control over the content. 
</DIV> <P>We can also use different background style to <SPAN STYLE="background-color: 
red">highlight individual words</SPAN> as in the present case. 

<P> 

<DIV STYLE="background-image: URL(image2.gif); font-size: 16pt;color:white"> <B>We are studying 
e-commerce. E-commerce is an emerging concept that describes the process of buying and selling or 
exchanging of products, services and information via computer networks including the internet</B> 
</DIV> 

</Body></HTML> 

Result is shown in Fig. 12 below. 



his example uses a different background color and a different font color using style sheets. Style sheets provide us more flexibility and a greater editing control over 
he content. 


We can also use different background style to 


I We are studying e-commerce. E-commerce is an emerging concept that describes tbe process of buying and 
selling or exchanging of products, services and information via computer networks including tbe internet 





Fig. 12 
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STYLE SHEETS 


Lesson 11 


Attachment of the background image 

Using background-attachment: fixed, the background image would remain in place when the user scrolls up 
and down the page. 

Style sheet box model 

Each block element (<P>, <hl>...) is considered to have an invisible box around it. Stuff inside <P>, 
<hl> to <h6>,<DIV> and <Table> tags etc. is present in the form of blocks. Using style sheet box 
model (Fig. 1) we can make use of certain properties (dimensions, padding, border, margin and position) 
to introduce useful styles. 

Style Sheets Box Model 



<HTML> 

<STYLE> 

<!— 

P {border: thin solid} 

— > 

</STYLE > 

<BODY> 

<P>This is some text contained in a box. 

<P STYLE=’’height: 100px M >This paragraph is contained in a box 100 pixels high. 
<P STYLE="width: 100px M >This paragraph is contained in a box 100 pixels wide. 
</BODY> 

</HTML> 

Result is shown in Fig. 2 below. 


3 C:\Docunent5 end Settings\Saedat\Desktop\1.htm - Microsoft Internet Explorer 
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Padding 

padding-top — adds space on top of the content 
padding-right — adds space to the right of the content 
padding-bottom — adds space below the content 
padding-left — adds space to the left of the content 

padding — general property that applies to all four padding properties in this order: ‘padding 
top, padding-right, padding-bottom, padding-left’ 


Example - Padding <HTML> <HEAD><TITLE>Padding</TITLE> <STYLE> <!-DIV {border: thin 
solid; width: lOOpx; margin-bottom: 5px} —> </STYLE> </HEAD> <BODY> <DIV 
STYLE="padding-top: 15px; padding-bottom: 15px M >Mind is everything; what you think you 
become!</DIV> <DIV STYLE="padding-left: 15px; padding-right: 15px"> Mind is everything; what 
youthink you become! </DIV> 

<DIV STYLE="padding: lOpx 15px lOpx 15px"> Mind is everything; what you think you 
become!</DIV> </BODY> </HTML> 


Result is shown in Fig. 3 below. 


Padding - Microsoft 
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Fig. 3 


Border 

Border Width 

border-top-width: specifies width of the top border 
border-right-width: specifies width of the right border 
border-bottom-width: specifies width of the bottom border 
border-left-width: specifies width of the left border 

border-width: specifies the width of all borders in the order ‘border-top-width, border-right 
width, border-bottom-width, border-left-width’ 
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Border style 

border-top-style: specifies style of the top border 
border-right-style: specifies style of the right border 
border-bottom-style: specifies style of the bottom border 
border-left-style: specifies style of the left border 

border-style: specifies the style of all borders in the order ‘border-top-style, border-right 
style, border-bottom-style, border-left-style’ 

Values for border styles are double, inset, outset, groove, solid, ridge. 

Border color 

border-top-color: specifies color of the top border 
border-right-color: specifies color of the right border 

border-bottom-color: specifies color of the bottom border border-left-color: specifies color of the left 
border border-color: specifies the color of all borders in the order ‘border-top-color, border-right-color, 
border-bottom-color, border-left-color’ 

Example border 

<HTML> <STYLE> <!-DIV {margin-bottom: 20px} -> </STYLE> <BODY> <DIV 

STYLE="border-width: 1cm; border-style: inset"> This line is written in a box having inset style border 
and a border width of 1 centimeter. </DIV> <DIV STYLE = "border-width: 10px;border-color:red green 
yellow blue; border-style: ridge"> This line is written in a box having ridge style border and different border 
colors. </DIV> </Body> </HTML> 

Result is shown in Fig. 4 below. 


ii C:\Docunenti and Settings\Saadat\Desktop\1.htm - Microsoft Internet Explorer [T | [T |(^<|| 


Fib Edit View Favorites Tools Help 

V] g] y) Search ^Favorites @ ES T Q ^ 

Address [fficVtocunier ts and Ssttngs\£aada:V)esktop\l.htm v Go Links” 


■ 




■This line is written in a box having inset style border and a border width of 1 centimeter. 


■This line is written in a box having ridge style border and difern: border colors. 

1 

Fig. 4 



Margins 

margin-top: specifies the size of the top margin margin-right: specifies the size of the right margin margin- 
bottom: specifies the size of the bottom margin margin-left: specifies the size of the left margin margin: 
specifies the size of all the margins in the order, margin-top, margin-right, margin-bottom and margin-left 
Example - Margins <HTML> <STYLE> P {margin-top: 100px;margin-bottom:100px;margin- 
left:200px;margin-right:200px} </STYLE> <BODY> <P style="background-color:yellow;font- 
size:34pt;text-align:justify" >The great thing in this world is not so much where we are, but in what direction 
we are moving</P> <DIV STYLE="background-color: black; color: white"> <H2>This heading appears 
with a bottom margin of 100 pixels</H2> </DIV> </BODY> </HTML> 
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Result is shown in Fig. 5 below. 


3 C:\Documents and Settings\Saadat\Desktop\1.htm - Microsoft Internet Explorer 


file Edit View Favorites Tods Help 

O * 0 l~\ 0 yt-' 1 Search Favorites 0 0- j ^ S ’ LJ 0 

Address C: documents and Settjngs\gaadat\pesktop\l.htm 


^02 


The great thing in this world is 
not so much where we are, but 
in what direction we are moving 


id,IL-l,IUU,lJ,l.ff 


ears with a bottom margin of 100 pixels 


4L] Done 


/Start 1*3 Microsoft PowerPoint... 3 C:Vhcuments and 


Fig. 5 


^ My Computer 


Position styles 

Position Property position: absolute — you can place the element box anywhere on the page position: 
relative — position is relative to the normal position of the element 
position: static - position remains unchanged 

top — element’s position is fixed from the top of browser window (in case of position: absolute) or below 
the element’s natural position in the page (in case of position: relative) right — element’s position from the 
right side of browser’s window bottom — element’s position from the bottom of browser’s window left — 
from the left side of the window (in case of position: absolute) or to the left of the element’s natural 
position (in case of position: relative) Example- Position Styles 

<HTML> <STYLE> DIV {font-size: 18pt} </STYLE> <BODY> <DIV STYLE="position: absolute; 
left: 700px; top: 200px M >Books Section</DIV> <DIV STYLE="position: absolute; left: 200px; top: 
150px M >Toys Section</DIV> <DIV STYLE="position: absolute; left: 500px; top: 100px">Music 
Section</DIV> <DIV STYLE="position: absolute; left: lOOpx; top: Opx">Clothes Section</DIV> We 
must believe in luck. For how else can we explain the success of those we do’nt like? <p STYLE="position: 
static; left: 200px; top:30px”> This is an example of position styles. </BODY></HTML> Result is 
shown in Fig. 6 below. 

File Edit View Favorites Tools Help 

_> Yl @ yP Search -^-Favorites ^> | £5' S3 ' Q 0 

Address J^g^C ; Vjocuments and SettincsSSaedatV3esktopM.htm _”_ 1^3 Go Linl 

We must b e&c an we explain the success of those we do'nt Kke? 

This is en example of position styles_ 


Music Section 


Toys Section 


Books Section 


Fig. 6 
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SOME USEFUL STYLE SHEETS PROPERTIES 


Lesson 12 


Example position style 

<HTML> 

<STYLE> 

DIV {font-size: 18pt} 

</STYLE > 

<BODY> 

<DIV STYLE="position: absolute; left: 700px; top: 200px M >Books Section</DIV> 
<DIV STYLE="position: absolute; left: 200px; top: 150px">Toys Section</DIV> 
<DIV STYLE="position: absolute; left: 500px; top: 100px">Music Section</DIV> 
<DIV STYLE="position: absolute; left: lOOpx; top: Opx">Clothes Section</DIV> 

We must believe in luck. For how else can we explain the success of those we do'nt like? 
<p STYLE="position: static; left: 200px; top:30px"> 

This is an example of position styles. 

</BODY></HTML> 



Fig-1 

<HTML> 

<STYLE> 

DIV {font-size: 18pt} 

</STYLE > 

<BODY> 

<DIV STYLE="position: absolute; left: 700px; top: 200px">Books Section</DIV> 

<DIV STYLE="position: absolute; left: 200px; top: 150px">Toys Section</DIV> 
<DIV STYLE="position: absolute; left: 500px; top: 100px">Music Section</DIV> 

<DIV STYLE="position: absolute; left: lOOpx; top: Opx">Clothes Section</DIV> 

We must believe in luck. For how else can we explain the success of those we do'nt like? 

<p STYLE= "position: relative; left: 200px;top:5px"> 

This is an example of position styles. 

< /BOD Y ></ HTML> 
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Result is shown in Fig. 2 below. 


'3 C:\Docunents £nd Setting5\Safldat\Etesktop\1.htm - Microsoft Internet Explorer 


s 

Fils Edit View Favorites Tools Help 

O B *- k O [*] @ Y y ; Se£rch ^Favorites T ^ E3 T @ 

address C: V^ocumerts and Sattng3^aada:'pasktop\l.h1m 


V 0 G o 

We must b elievir'inSu clc$ ^el s?can we explain the success of those we do'n: like? 



This is ar. example of position styles. 



Music Section 



Toys Section 

Books Section 



Fig. 2 

Positioning in the 3rd dimension 

We can use the property ‘z-index’ for positioning in the third dimension. For example, 
<HTML> 

<HEAD> 

<TITLE>Style Sheet 3-D Positioning</TITLE> 

</HEAD> 

<STYLE> 

DIV {font-size: 16pt; Coloured} 

</STYLE> 

<BODY> 

<IMG SRC="image2.gif" STYLE="z-index: imposition: absolute; left: 95px; top: 10px"> 
<DIV STYLE="z-index: 1; position: absolute; left: lOpx; top: 60px"> 

<B>This text appears on top of the image.</B> 

</DIV> 

</BODY> 

</HTML> 
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Result is shown in Fig. 3 below. 


1 3 blylt SMitI J'U HtfsilluiiPiiE - Mkr iTvylt iiilt'Frivt t'F 



F*e {jit rflyufita Tooh r+rtp 

Kjj \jS\ \ y 

• b * © ii 


r ---- 


v 



Fig. 3 


Introduction to java script 

Although JavaScript bears the name of java, it is a very different language that is used for a very different 
purpose. It supports both web browser and server side scripting. Browser scripts are used to create dynamic 
web pages that are more interactive, more responsive. Before discussing JavaScript, you should know some 
basics. A variable defines a value stored at a location address in the computer that may be accessed through 
the variable. For example Var i=3; means 
i _J^ocation name 


3 ^alue at the location 

65895 -location address 

Rules for variables 

Variable names can begin with an uppercase letter (A-Z), lower case letter (a-z), an underscore character (_), 
or dollar sign ($). Remaining characters can be any of the above or from digits (0-9). In JavaScript variables 
are case sensitive. It means that if you have a variable ‘money’ you cannot write ‘Money’ or ‘mONEY’. You 
don’t need to define the variable with the data type (rather it is not allowed in JavaScript) 

General data types 

They are as follows: 

int or integer: This indicates the whole numbers like 78 or 98 etc. 
float: It is a decimal fractions like 8.9 or 6.6 etc. 

Char : It is any alphabet from A-Z or any digit or for that matter any of the characters on the 
key board you can see. Digits defined as chars cannot have mathematical operation on them. 

String: When more than one chars join they make a string. 

Boolean: It just has true or false value. For example if you have variable ‘pass’ as boolean it 
can be true or false only. 

These data types vary in exact definition depending on the language and tool you are using. 

Some might have more data types then the ones discussed above. JavaScript Data types are 
Number, Boolean, String, Null and Undefined. 

Event handler 

Events describe actions that occur as the result of user interaction with a web page or other browser-related 
activities. For example, when a user clicks a hyperlink or a button or enters data in a form, an event is 
generated informing the browser that action has occurred and that further processing is required. The 
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keywords responsible for activating certain actions on HTML document are called Event handlers. Some 
common event handlers are as follows: onclick, ondbclick, onfocus , onload, onsubmit, onselect, onblur, 
onchange, onmousedown, onmousemove, onmouseout, onmouseover. 

Changing images using event handlers 

Consider following examples: 

<HTML> 

<BODY> 

<IMG SRC=contents.gif 
WIDTH=170 
HEIGHT=50 
BORDER=0 
NAME=picture 

onmouseover="picture.src= f search.gif;picture.width=250; 
picture.height= 100” 

onmouseout="picture.src= ? contents.gif;picture.width=170; 

picture.height=50 n > 

</BODY> 

</HTML> 

Result is shown in Fig. 4 below. Note that we can change the width and height of the 



Fig. 4 


<HTML> 

<BODY> 

<A href=image2.gif onmouseover="picture.src= f search.gif ;picture.width=250; 
picture.height= 100" 

onmouseout="picture.src= f contents.gif;picture.width=170; 

picture.height=50"> 

<IMG SRC=contents.gif 

WIDTH=170 

HEIGHT=50 

BORDER=0 

NAME=picture> 
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</A> 

</BODY> 

</HTML> 

Result is shown in Fig. 5 below. Note that using <A> we can make the resulting image 
‘search.gif clikable such that when a user clicks at it he opens a different image ‘image2.gif, 

as shown below. 



Fig. 5 

Objects 


In computer language an object consists of certain properties and functions, exclusive to the object. In all 
object oriented languages we can create objects of our own. In Java Script we are provided with certain 
already defined objects which are ready to use. 
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Lesson 13 

JAVA SCRIPTING 

Java script examples 

<HTML> 

<HEAD> 

<TITLE>J avascript Example< /TITLE> 

<SCRIPT LANGUAGE^"JavaScript" TYPE="text/javascript"> 

<!—alert("Thank you for visiting my web site!") 

//-> 

</SCRIPT> 

</HEAD> 

<BODY> 

</BODY> 

</HTML> 


Result is shown in Fig. 1 below. 



Fig.l 


Note we can embed JavaScript code/instructions in the plain HTML code with the help of <script> and 
</script> tags. In the above example ‘alert’ is the function/method of a predefined browser object that is, 
window object, and is used to create alert boxes or popup messages on the window. ‘//’ is used in 
JavaScript to provide comments. Here, we use ‘//’ so that old browsers that do not support JavaScript treat 
information within the Script tag as comments. 

Writing on the page 
<HTML> 

<HEAD> 

<TITLE>example-writing on the page</TITLE> 

</HEAD> 

<BODY> 

<SCRIPT LANGUAGE= M JavaScript" TYPE= ?, text/javascript n > 

<!-- 

do cument.write(" Hello! Thank you for visiting my web site.") 

//-> 

</SCRIPT> 

</BODY> 
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</HTML> 

Result is shown in Fig. 2 below. 


'H example-writing on the page - Microsoft Internet Explorer 


File Edit View Favorites Tools Help 

© Back ’ 0 ' 0 ^ /'^Search ^Favorites ^ 

E8 - □ @ 

Address ^ C:documents and Settings\SaadatV3esktop\l.htm 


Hello! Thank you for \isiting my web site. 



Fig. 2 

Here, ‘document’ is a browser object and ‘write’ is its function which is used to write text on the page. 
Browser objects are loaded by a JavaScript capable browser to provide access to the web page and the 
HTML elements it contains. These objects are used to update and interact with the loaded web page. 

Operators in java script 

Mathematical operators ‘+’ For addition of two values ‘-‘ for subtraction of two values ‘*’ for multiplication 
‘/’ for division ‘%’ modulus (for calculating the remainder) ‘++’ for increment ‘—‘ for decrement Logical 
operators ‘&&’ for logical and ‘ | | ’ for logical or V for logical not 

Comparison operators 

‘==’ for Equal 

‘!=’ for not equal 

‘< ‘ for Less than 

‘<=’ for less than equal 

‘>’ for Greater than 

‘>=’ for Greater than equal 

Functions in javascript 

A variable in JavaScript can be defined using the keyword ‘var’ and a function by the 

Keyword ‘function. A function can be defined in the following format: function myfunction() { // some 

code } 

Here, ‘myfunction’ is the name of the function. 

Creating a calculator in JavaScript 
<HTML> 

<HEAD><Title> My Simple Calculator</Title> 

</HEAD> 

<script language="JavaScript”> 

<!— 

function AdditQ 

{ var numl = document.Calform.One.value; var num2=document.Calform.Two.value; 
alert(parseFloat(numl)+parseFloat(num2)); 

} 

function minus 0 

{ var numl=document.Calform.One.value; var num2=document.Calform.Two.value; 
alert (parseFloat(numl)-parseFloat(num2)); 

} 

//-> 

</script> 

<BODY>Add and Subtract Calculator 
<FORM name=”Calform”> 

<P> 

First Number:<INPUT TYPE=”TEXT” NAME=”One” maxlength=”3”> 


© Copyright Virtual University of Pakistan 


58 




E-Commerce - IT430 


vu 


<p> 

Second Number:<INPUT TYPE="TEXT" NAME="Two" maxlength="3"> 


<P> 

<INPUT TYPE="button" NAME="Add" VALUE="Add Them!!" onclick="Addit()"> 

<INPUT TYPE= "button" NAME="Minus" VALUE="Subtract Them!!" 
onclick=" minus Q"> 

<INPUT TYPE="RESET" VALUE="Reset!"> 

</FORM> 

</BODY> 

</HTML> 

In the above example, we have defined two functions, Addit 0 and minus() using JavaScript. With the help 
of an event handler ‘onclick’ the control is shifted to any of the said functions and the code contained in the 
functions is accordingly executed. 

For example, if a user adds no. 3 in the first text box and 9 in the second, then on clicking the button ‘Add 
them!!’ the addition of these two nos. would be displayed in an alert box due to the use of ‘alert’ function in 
the code. 

Result is shown in Fig. 3 below. 


3 My Simple Calculator - Microsoft Internet Explorer 


©Back • © ’ @ @ ft P*** A Fa v°rites 0 g- ^ S ’ J @ ^ 

Address [ffi CiPoaiments and Settings\gaadatfiesktop\l.htm _ v] Q Go 

Add and Subtract Calculator 
First Number ^ | 

Second Number ^ 1 

| Add Them!! ] [ Subtract Them!! ] | Reset! | 



1 OK 1 


Fig. 3 

Result is shown in Fig. 4 below if the user clicks at the button ‘Subtract Them!!’ instead of‘Add Them!!’. 

U . . — mm 

O 0 ■ ® ft S T G ft 

tw C; < DH#KPt and Ultnpf 'iwSaittatiiw L rc« ■> Qb “ 

Add aid Subtract Calculator 
First Nnriber 3 
Sramd NiraberS 

| Add Tlwnii~] [ StMaelTmmfl ] [ Rwf ] 


MicrosnfE JntHTJWl riftlnrf r 




Fig. 4 

To get the result in a text box, you need a slight change in the code contained in the 
functions AdditQ and minusQ, as shown below. 

<HTML> 

<HEAD><Title> My Simple Calculator</Tide> 

</HEAD> 
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<script language—"JavaScript”> 

<!— 

function AdditO 

{ 

var numl=document.Calform.One.value; var num2=document.Calform.Two.value; 
document.Calform.result.value=parseFloat(numl)+parseFloat(num2); 

/ / alert(parseFloat(numl)+parseFloat(num2)); 

} 

function minus 0 

{ var numl=document.Calform.One.value; var num2=document.Calform.Two.value; 
document.Calform.result.value=parseFloat(numl)-parseFloat(num2); //alert(parseFloat(numl)- 
parseFloat(num2)); 

}//-> 

</script> 

<BODY>Add Subtract Calculator 
<FORM name="Calform"> 

<P> 

First Number:<INPUT TYPE="TEXT" NAME="One" maxlength="3"> 

<P> 

Second Number:<INPUT TYPE="TEXT" NAME="Two" maxlength="3"> 

<P> 

Result:<INPUT TYPE="TEXT" NAME="result" maxlength="9" Disabled> 

<P> 

<INPUT TYPE="button" NAME="Add" VALUE="Add Them!!" onchck="AdditO"> 

<INPUT TYPE="button" NAME="Minus" VALUE="Subtract Them!!" 
onclick="minus 0 " > 

<INPUT TYPE="RESET" VALUE="Reset!"> 

</FORM> 

</BODY> 

</HTML> 

Result is shown in Fig. 5 below in a text box, if you type nos. 125 and 66 in the two text 
boxes, respectively, and click ‘Add them!!’. 


'jjj My Simple Calculator - Microsoft Internet Explorer 


J File Edit View Favorites lools Help 


j ^Back ▼ ■+ ▼ <Q El 3 Search AJ Favorites -^History @ ▼ 3 

J Address C:\pocuments and Setdngs\Administrator\Pesktop\calculator.html 

▼ | r^Go J Links ” 



Add Subtract Calculator 


First Number:|l25 


Second Number:|66 


Result:|l91 


Add Them!! | Subtract Them!! | Reset! | 



_d 

ej Done Beil 

|5l My Computer 


Fig. 5 
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Lesson 14 

JAVA SCRIPTING (CONTINUED....) 

We can also get the result of addition or subtraction written on a page using write’ function 
of the document object. Again we need to do a slight modification in the code as shown 
below. 

<HTML> 

<script language='’JavaScript”> 

<!— 

function AdditQ 

{ 

var numl = document.Calform.One.value; 
var num2=document.Calform.Two.value; 
document.write ("The result of this addition is " + 

(parseFloat(numl)+parseFloat(num2))); } 
function minus 0 

{ var numl=document.Calform.One.value; var num2=document.Calform.Two.value; document, write ("The 
result of this subtraction is " + (parseFloat(numl) 
par seFloat(num2))); 

} 

//-> 

< / script> 

<BODY> 

<FORM name="Calform"> 

<P> 

First Number:<INPUT TYPE-’TEXT" NAME="One" maxlength="3"> 

<P> 

Second Number:<INPUT TYPE="TEXT" NAME="Two" maxlength="3"> 

<P> 

<INPUT TYPE="button" NAME="Add" VALUE="Add Them!!" onchck="AdditO"> 

<INPUT TYPE-’button" NAME="Minus" VALUE="Subtract Them!!" 
onclick="minus ()"> 

<INPUT TYPE="RESET" VALUE="Reset!"> 

</FORM> </BODY> 

</HTML> 

When a user types 3 and 9 in the two text boxes, respectively, as shown in Fig. 1 below and 
presses ‘AddThem!!’ the addition of two nos. T2’ is written on a web page (Fig. 2). On 
clicking ‘Subtract Them!!’ the subtraction of two nos. ‘-6’ is written on a page (Fig. 3). Note 
that in the brackets of ‘document.write’ we concatenate or join some text information called 
string (within double quotation marks) with the addition/sub traction of two nos. using ‘+’ sign. The 
addition/sub traction of nos. is achieved using function ‘parseFloatQ’, that is, a function of predefined global 
object. 
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1 3 C:\Documents and Settings\Saadat\Desktop\1.htm - Microsoft Internet Explorer j 

File Edit View Favorites Tools Help 

L*] [~\ : 'tl / Search V y Favorites 

El • □ Q 4t 

Address ^ C:\pocuments and Sethngs\SaadatVHesktop\l.htm 

^ 3 Gc 


First Number^ 


Second Number: 3| 

[ Add Them!! ] [ Subtract Them!! | [ Reset! | 


Fig- 1 


13 C:\Documents and Settings\Saadat\Desktop\1.htm - Microsoft Internet Explorer 

BBS 

File Edit View Favorites Tools Help 

0 Bade - 9 9 Search Favor,tes T v T 0 i 

V 

Address ^ C:documents and Settings\Saadatpesktop\l.htm 

v ^Go Links * 

The result of this addition is 12 


Fig. 2 


I C:\Docurnents and Setting5\Saadat\Desktop\1.htm - Microsoft Internet Explorer 

□©a 

File Edit View Favorites Tools Help 

< 

Q Back - if] [±] ,|I / ' Saardl U;' Favorite €5 ’ , ® ' 0 2) 

Address C: documents and Settings'^aadatVUesktop\1.htm 

1 

v Q Go Links 


The result of this subtraction is -6 


Multiply and divide calculator 


Fig. 3 


See the following code: 
<HTML> 

<script language="JavaScript" > 
<!— 

function MultiplyitQ 

{ 


var numl—document.Calform.One.value; var num2—document.Calform.Two.value; 
alert (parseFloat(numl)*parseFloat(num2)); 

} 

function DivideitQ 

{ var numl = document.Calform.One.value; var num2=document.Calform.Two.value; 
alert(parseFloat(numl)/parseFloat(num2)); 

} 

//-> 

< / script> 

<BODY><h2> Multiply and Divide Calculator</h2> 

<FORM name="Calform"> 

<P> 

First Number:<INPUTTYPE="TEXT" NAME="One" maxlength="3"> 

<P> 

Second Number:<INPUT TYPE="TEXT" NAME="Two" maxlength="3"> 
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<p> 

<INPUT TYPE="button" NAME="Multiply" VALUE="Multiply" 
onclick= "MulriplyitQ " > 

<INPUT TYPE="button" NAME="Divide" VALUE="Divide" onclick="DivideitO"> 
<INPUT TYPE="RESET" VALUE="Reset!"> 

</FORM> 

</BODY> 

</HTML> 

Results are shown in Figures 4 and 5 below. 


I 3 C:\Documents and Settings\Saadat\Desktop\1.htm - Microsoft Internet Explorer 


I [«] [£] © P***' Favorites ft 0- Q 13 - Q 0 
Address Opocuments and SettjngsV3aadatpesktop\l.htm 



I 3 {.: ilJortinii'nK duel . Illrai Mir rusoll lutmiet t ijilcn 


O l*j £| © jpSMLJi 0 

CiCuuj-eriiiaml feL&p^'SaadoLlCeslibp'.l.iOi 
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Example - A Drop-Down List of Links 
<HTML> 

<HEAD> 
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<TITLE>A Drop-Down List of Links</TITLE> 

</HEAD> 

<SCRIPT LANGUAGE= M JavaScript" TYPE="text/javascript"> 

<!— 

function GoToIt(list) 

{ var selection = list.options [list.selectedlndex] .value if (selection != "None") location.href = 
selection 
} 

//-> 

</SCRIPT> 

<BODY> 

<FORM> 

<SELECT WIDTH="20" onChange="GoToIt(this)"> 

<OPTION VALUE="None">Select a page previously done —> 

<OPTION VALUE="calculator.htm" >Calculator 
<OPTION VALUE="styles.htm">Style Sheet 
<OPTION VALUE="forms.htm">Web Forms 
<OPTION VALUE= "tablemargin.htm" >Table Margins 
<OPTION VALUE="frames.htm">Frames 
</SELECT> 

</FORM> 

</BODY> 

</HTML> 

Result is shown in Fig. 6 below. 


1 'ZH A Drop-Down List of Links - Microsoft Internet Explorer 


File Edit View Favorites Tools Help 

© BaCk - © - [«) [U ^Psear* ^Favorites ^ Q ' U Q 4& 

7,* 

- C: documents and Settings \Saadat‘Desktop\dropdown.htm 

v Go Links ” 



i fel Done My Computer 



In the above example, event handler ‘onchange’ has been used, having the effect that when 
an option is selected by the user the control is shifted to the above defined function 
GoToIt(list). Due to the key word ‘this’ information/list contained in the select tag is 
available to the argument ‘list’ of the function GoToItQ. When the function would be 
executed the value of the selected option would be assigned to the variable ‘selection’. Due 
to location.href= selection, the existing location of the web page is changed to the location of 
the option/web page that has been selected and that particular web page opens. ‘Location’ is 
another predefined browser object. 


© Copyright Virtual University of Pakistan 


64 








E-Commerce - IT430 


VU 


Example - If Statement 

IF statement in programming is used to alter the course of execution of code depending 
upon the value of a condition. See the following example: 

<HTML> 

<script language="JavaScript”> 

<!— 

function minus Q 

{ 

var numl =document.Calform.One.value; 
var num2=document.Calform.Two.value; 
if(parseFloat(numl)<parseFloat(num2)) 

{ alert(”negative M ); 

} 

else 

{ 

alert (parseFloat(numl)-parseFloat(num2)); 

} 

} 

//-> 

< / script> 

<BODY> <FORM name="Calform"> <P> First Number:<INPUT TYPE="TEXT" NAME="One" 
maxlength="3"> <P> Second Number:<INPUT TYPE="TEXT" NAME="Two" maxlength="3"> <P> 
<INPUT TYPE="button" NAME="Minus" VALUE="Subtract" onclick="minusO"> 

<INPUT TYPE="RESET" VALUE="Reset!"> 

</FORM> 

</BODY> 

</HTML> 

Results are shown in Figures 7 and 8 below. 
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Fig. 8 


For LOOP 

When we want some action to take place repeatedly till a particular point, we can apply a for 
loop. General format is: for (initializations tatement;condition;updateStatement) {statements} 
The code goes on executing itself till a certain condition is met. 

Example 

<HTML> 

<HEAD> 

<TITLE>Using the For Statement</TITLE> 

</HEAD> 

<BODY> 

<SCRIPT> 

<!— 

for(i=1 ;i<7;i++) document.write("<F1" +i+">Hello "+i+"!!</H"+i+">") ; 

//-> 

</SCRIPT> 

</BODY> 

</HTML> 

Result is shown in Fig. 9 below. 
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Note that using for loop we are able to generate six different levels of headings in HTML. 

Some predefined JavaScript objects 

A list of some commonly used predefined JavaScript object is given below: Global Array String Math Date 
Global object is an object with globally-accessible variables/properties and functions. Netscape navigator 
and internet explorer implement Global object, but do not allow it to be explicitly created or referenced. 
Instead its properties and methods are referenced directly. NaN - ‘not a number’ is one of its properties. 
‘parseFloat(string)’ that parses the string as a floating point number, is the example of a function/method of 
Global Object. Note a general difference between properties and functions of an object in that the names 
of the properties are not followed by small brackets whereas the names of the functions do have small 
brackets following their names. Information contained in the small brackets of a function is called 
arguments. Also note that generally properties and functions of an object are invoked/referenced by typing 
the name of the object followed by a dot before typing the property or function name, e.g, 
document, write 0. 

Array Object also has different properties and functions. ‘Length’ is an important property of this object 
that identifies the length of the array. Its methods/functions include 
toStringO, reverse0, sort() etc. 

Array Example 
<HTML> 

<HEAD> 

<TITLE>Using Arrays </TITLE> 

</HEAD> 

<BODY> 

<Hl>Using Arrays </Hl> 

<SCRIPT LANGUAGE^"JavaScript" TYPE="text/javascript"> 

<!— 

myArray= [0,1,2,3,4,5,6,7,8,9,10]; 

document.write( n myArray: first element " +myArray[0]+"<P> M ); 
document.write( n myArray.toStringO: "+myArray.toStringQ + "<P> "); 
document.write("myArray.join(V): "+myArray.join(V)+"<P>"); 

document.write("myArray.reverse(): "+myArray.reverse()+ M< P >M ); 
document.write( n myArray.sortO: "+myArray.sort()+" <P> "); 

//-> 

</SCRIPT> 

</BODY> 

</HTML> 

Result is shown in Fig. 10 below. 
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Math object provides a standard library of mathematical constants and functions. Following 
example shows some properties and methods of this object. 

<HTML> 

<HEAD> 

<TITLE>Using the Math object</TITLE> 

</HEAD> 

<BODY> 

<Hl>Using the Math object </Hl> 

<SCRIPT LANGUAGE^"JavaScript" TYPE="text/javascript"> 

<!— 

document.write("Math.PI :" +Math.PI + "<P>"); 
document.write("Math.LN2 :"+Math.LN2+"<P>"); 
document.write( M Math.sin(90) :"+Math.sin(90)+"<P>"); 
document.write( f ’Math.randomQ : M +Math.randomO+"<P>"); 
document.write( M Math.pow(2,3) :"+Math.pow(2,3)+ M <P> "); 
document.write("Math.min(l23,133): M +Math.min(l23,133)+"<P> M ); 

//-> 

</SCRIPT> 

</BODY> 

</HTML> 

Result is shown in Fig. 11 below. 
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Lesson 15 

JAVA SCRIPTING (CONTINUED....) 


Example Date object <HTML> <HEAD><TITLE>Writing the Current Date and Time</TITLE> 
</HEAD> <BODY> <SCRIPT LANGUAGE=’’JavaScript'’ TYPE=”text/javascript"> <!- 
document.write(“Welcome! you are visiting my web site on ” 4- DateO) //--> </SCRIPT> </BODY> 
</HTML> Result is shown in Fig. 1 below. Here, ‘DateQ’ is the constructor of the date object 
whichprovides current date of the system._ 



3 Writing the Current Date and Time - Microsoft Internet Explorer 
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Getting date and time in a user friendly format 

To get the date/time in a different format, an instance of the date object can be created. In the following 
example‘d’ is such an instance. To define the instance d of the date object we have to use a constructor of 
the date object, preceded by the word ‘new’. Constructor is defined as the initializing function used to 
create instance/copy of an object. It is after the name of the object whose constructor it is. Note that we 
can invoke or apply different methods/functions of the date object using this instance ‘d\ e.g, d.getDayO, 
d.getYearQ etc. 

<HTML> <HEAD><TITLE>Example - Current Date and Time</TITLE> </HEAD> <BODY> 
<SCRIPT LANGUAGE="JavaScript” TYPE="text/javascript"> <!—// Store the date in a variable d = 
new DateQ dateText = ""// Get the current day and convert it to the name of the day dayValue = 
d.getDayO if (dayValue == 0) 

dateText += "Sunday" else if (dayValue == 1) dateText += "Monday" else if (dayValue == 2) 
dateText += "Tuesday" else if (dayValue == 3) dateText += "Wednesday" else if (dayValue == 4) 
dateText += "Thursday" else if (dayValue == 5) dateText += "Friday" else if (dayValue == 6) dateText 
+= "Saturday" 

// Get the current month and convert it to the name of the month monthValue = d.getMonthO dateText 
+= ’’ ’’ if (monthValue == 0) 

dateText += "January" if (monthValue == 1) dateText += "February" if (monthValue == 2) dateText += 
"March" if (monthValue == 3) dateText += "April" if (monthValue == 4) dateText += "May" if 
(monthValue == 5) dateText += "June" 

if (monthValue == 6) dateText += "July" if (monthValue == 7) dateText += "August" if (monthValue = = 
8) dateText += "September" if (monthValue == 9) dateText += "October" if (monthValue == 10) 
dateText += "November" if (monthValue == 11) dateText += "December" 

// Get the current year; if it’s before 2000, add 1900 if (d.getYearQ < 2000) dateText += " " + 
d.getDateQ + ", " + (1900 + d.getYearQ) else 

dateText += " " + d.getDateQ + ", " + (d.getYearQ) // Get the current minutes minuteValue = 
d.getMinutesQ if (minuteValue < 10) 

minuteValue = "0" + minuteValue // Get the current hours hourValue = d.getHoursQ // Customize 
the greeting based on the current hours if (hourValue < 12) 

{ 

greeting = "Good morning!" 

timeText = " at " + hourValue + + minuteValue + " AM" 

} 
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else if (hourValue == 12) { greeting = "Good afternoon!” timeText = ” at ” + hourValue + + 

minuteValue + ” PM” } 

else if (hourValue < 17) { greeting = ”Good afternoon!” timeText = ” at ” + (hourValue-12) 4- ”:” + 
minuteValue + ” PM” } 

else { greeting = "Good evening!” timeText = ” at ” + (hourValue-12) 4- ”:” + minuteValue 4- ” PM” } 
/ / Write the greeting, the date, and the time to the page document, write (greeting 4- ” It's ” 4- dateText 4- 
timeText) //--> </SCRIPT> </BODY> </HTML> Result is shown in Fig. 2 below. Note that mainly 
three variables, greeting, dateText and timeText have been used. Also, a number of if statements have been 
used in order to get customized values. 


3 Example - Current Date and Time - Microsoft Internet Explorer 
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Example - String Object 

In the following example, c str’ and ‘myArray’ are the instances of string and array objects, respectively. The 
size of the array is 10. Here, charAtQ is the function/method of string object. So, charAt(3) would provide 
the value of the element at the index three. Different other functions of string object have also been used. 
In the example, str.Split( f f ) splits the string on the basis of blank space. After splitting, we assign parts of 
the string as values for the array. <HTML> <HEAD><TITLE>Using the String object</TITLE> 
<SCRIPT LANGUAGE=”JavaScript” TYPE=”text/javascript”> <!- 

//-> </SCRIPT></HEAD> <BODY> <Hl>Using the String object </Hl> <SCRIPT 
LANGUAGE="JavaScript” TYPE="text/javascript”> <!—str=new String(”This is a test of javascript 
string methods”); myArray=new Array(lO); myArray=str.split ( ’); document.write(”str.charAt(3) :” 
+str.charAt(3) +”<P>”); document.write(”str.substring(20,25):”+str.substring(20,25)+”<P>”); 

document.write(”str.toLowerCase() : M +str.toLowerCaseQ+”<P>”); document.write(”str.toUpperCase() 
:”+str.toUpperCase() + ”<P>”); do cument. write (”str. Split ( f f ) myArrayfO] :”+myArray[0]+”<P>”); 
document.write(”str.Split( f f ) myArray[l]:”+myArray[l]+”<P>”); //—> </SCRIPT> </BODY> 
</HTML> 



© Copyright Virtual University of Pakistan 


70 





E-Commerce - IT430 


VU 


Using java script for applying for checks in a registration form 

We can use JavaScript for applying different checks on a web form including pattern checking. Consider 
following example in this behalf, where we use a JavaScript function checkValues Q: 

<HEAD> 

<script language= M JavaScript"> 

<!— 

function checkValues 0 
{ 

var Userlogin=document.regForm.userlogin.value; var 
UserPassword=document.regForm.userPassword.value; var 
conPassword=document.regForm.conPassword.value; var 

userAddress=document.regForm.userAdd.value; var name=document.regForm.Name.value; var 
maxLength =15; var minLength = 3; 

if(Userlogin.length == 0 | | userAddress.length==0 | | name.length==0) 

{ alert( n Please fill in all values"); return false; 

} if(Userlogin.length < minLength | | Userlogin.length > maxLength) { 

alert ("Login Name is limited to " + minLength 4- " - " + maxLength + " characters"); 

return false; } if(UserPassword.length < minLength | | UserPassword.length > maxLength) { 
alert("Password is limited to " 4- minLength + " - " 4- maxLength 4- " characters"); 
return false; 

} 

else 

{ 

for(i=0;i<Userlogin.length;i++) 

{ if(Userlogin.charAt(i) == "," | | Userlogin.charAt(i) == ";") { 
alert("invalid login name"); return false; } } } 
if(UserPassword!=conPassword) 

{ alert("Passwords do not match"); return false; 

} 

return true; 

} 

//—> </script> <BODY onload="on\vintlo\vload()"> <font size="3" face="Arial" 
color=red><strong></font> <H3>To Register Please Enter The Following Information:</H3> 

<FORM NAME="regForm" ACTION="regcheck.asp" METHOD="POST" onSubmit="return 
checkValuesO"> Name: <INPUT TYPE="TEXT" NAME="Name" maxlength="25"> 

<P> 

Address: <INPUT TYPE="TEXT" NAME="userAdd" maxlength="50"> 

<P> 

Login: <INPUT TYPE="TEXT" NAME="userlogin" maxlength=“20"> 

<P> 

Password: <INPUT TYPE="Password" NAME="userPassword" maxlength=" 15 " > 

<P> 

Confirm Password:<INPUT TYPE="Password" NAME="conPassword" maxlength="15"> 

<P> 

Email: <INPUT TYPE="TEXT" NAME="email" maxlength="15"> 

<P> 

<INPUT TYPE="submit" NAME="Go" VALUE="Register!"> <INPUT TYPE="RESET" 
VALUE="Reset!"></FORM> </BODY> </HTML> 

When a user just types name and omits to type either Userlogin or userAddress, an alert box would be 
displayed informing him to fill in all values. Accordingly, false would be returned by the function 
checkValues Q, and no data would be forwarded to the server side on clicking the submit (Register!) button. 
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See Fig. 4 below: Fig. 4 
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Fig. 4 

Secondly, if the user violates the permissible limit of 3-15 characters in the text box for user login, again 
a pop-up box can confront him with a message as shown in Fig. 5 below. 
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Similarly, if the user violates the permissible limit of 3-15 characters in respect of Password, an alert box can 
inform him about it as shown in Fig. 6 below. 
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Lesson 16 


JAVA SCRIPTING AND XML 


For loop can be used in the code of Registration form to check that users do not type invalid characters in 
the text box. For example, in case a user types a in the text box for user login, an alert box can be made 
to display informing him that it is an invalid user login. See Fig. 1 below. 



Fig-1 

Look at the code to understand For statement/ loop. The initialization statement is executed only at the 
beginning of the For loop’s execution. The condition is then tested, and if it is true the statements enclosed 
within the curly brackets are executed. If the condition is false, the loop is terminated and the statement 
following the For statement is executed. 

Another check can also be applied to see that the passwords entered in two different text boxes by the user 
are the same. In case the two passwords do not match an alert box can inform the user about it (see Fig. 2 
below). In case no condition applied in the code is violated then the function checkValues returns true at 
‘onsubmit’. Consequently, the information provided by the user in the form is forwarded to the server side. 
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Fig. 2 


Extensible markup language 

World Wide Web Consortium (W3C), a non-profit organization that maintains standards for the web 
presented the draft of XML in late 1990’s. It is also used for web page creation and includes data 
management capabilities that HTML cannot provide. Consider the example of a list of planets. Suppose that 
same HTML heading tags are decided to be used each planet. Also, suppose that it is decided to display 
different pieces of information about a planet in different heading sizes. Then, there is a shortcoming in 
respect of HTML that it can only supply upto 6 different levels of headings. In case there are more than six 
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different pieces of information to display, then HTML loses its efficacy. That is why web professionals have 
found XML as a list formatting alternative of HTML. Following is a simple HTML code for preparing the 
list of planets: 

<HTML> <HEAD><TITLE>Planets</TITLE> </HEAD> <BODY> <hl>Planets</hl> 

< h2 > PlanetN ame< / h2 > 

<h3>DistanceFromSun</h3> 

<h4>Moons</h4> 

<h5 >DayLength< /h5 > 

<h2>Mercury</h2> 


<h3>36 million miles</h3> 
<h4>None</h4> 

<h5>176 Days</h5> 

<h2> Venus </h2> 

<h3>67 million miles</h3> 
<h4>None</h4> 

<h5>117 days</h5> 

<h2>Earth</h2> 

<h3>93 million miles</h3> 
<h4>One</h4> 

<h5>24 Hours</h5> 

</BODY> 

</HTML> 

Result is shown in Fig. 3 below. 


3 Planets - Microsoft Internet Explorer 


File Edit View Favorites Tools Help 

V 

©Back - Q [*) \£\ £ P Search ^Favorites Q 0’ ^ 0 ’ 


Address ^ C:\Documents and Settings\Saadat\Desktop\planet.html 

V Q Go Links y> 


Planets 

PlanetName 

DistanceFroinSim 

Moons 
Day Length 

Mercury 

36 million miles 

None 
176 Days 

Venus 

I Done 


[C] Microsoft PowerPoint... f planet - Notepad 


3 Planets - Microsoft In... 


4 My Computer 


8:29 AM 


Fig. 3 


XML differs from HTML in two important respects. Firstly, XML is not a markup language with defined 
tags; rather, one can create one’s own set of tags in XML. Secondly, XML tags do not provide information 
how text would appear on a web page. Instead of that XML tags convey meaning of information included 
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within them. To understand these distinctions consider the example of planets’ list again. Following is the 
XML code for that: 

<?xml version=''1.0”?> 

<PlanetsList> 

<Planet Name=''Mercury”> <Distance>36 million miles</Distance> <Moons>None</Moons> 
<DayLength>176 days</DayLength> </Planet> 

<Planet Name=''Venus”> <Distance>67 million miles</Distance> <Moons>None</Moons> 
<DayLength>117 days</DayLength> </Planet> 

<Planet Name=''Earth”> <Distance>93 million miles</Distance> <Moons>One</Moons> 
<DayLength>24 Hours</DayLength> </Planet> 

</PlanetsList> 

First line of the code is a declaration that it is an XML document (version 1). Second and last lines of the 
code are called root element tags. We enclose other elements within the root element tags. We assign a 
name to the root element that best describes the purpose of our file. Other elements are called child 
elements. Thus, planet is a child element of planetlist. Further, each property of a planet is the child element 
of the planet element. So, distance, moons and daylength are the child elements of planet element. Name is 
the attribute of the planet element. Names of child elements can be different between two organizations, 
which can make the sharing of information difficult. For instance, some may describe the property of a 
planet as Day and others may use the word Daylength for that purpose. This has led to the necessity of 
having uniform standards for writing different types of XML documents. Many companies have agreed to 
follow common standards for XML tags. A file that uses XML tags is called data type definition (DTD) or 
XML schema. Different DTDs are available for different industries. We now have accounting information, 
legal information standards etc. 

Rules for writing an XML code 

-All elements must be properly nested <outer><inner>content</inner></outer> 

-All attribute values must be quoted <FRIES SIZE="LARGE”> 

-All elements with empty content must be identified by ending in /> 

<BR/>, <img src=“image2.gif” /> 

- All elements must be cased consistently <PART> must not be closed as </part> 

- Certain characters having reserved meanings cannot be used e.g, & , < etc. Embedding XML into 
HTML documents 

<XML> element can be used anywhere within HTML document to enclose XML content. 

See the following example in this regard: 

<html> 

<head> 

<title>XML-example</title> 

</head> 

<body> 

<hl>HTML text here</hl> 

<xml> 

<meal> 

< burger > 

< name > spicy </ name> 

</burger > 

</meal> 

< / xml> 

</body> 

</html> 
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Also, <script> element can be used for such purpose e.g, <script language=“xml” 
type=“text/xml”>.</script> 

Extensible Style sheet Language (XSL) XML files are translated using another file which contains 
formatting instructions. Formatting instructions are often written in Extensible Style sheet Language (XSL). 
These formatting instructions are read over by special programs — usually these programs are written in Java 
programming language- called XML Parsers. Following diagram (Fig. 4) explains how web server might 
process http request for an XML page._ 
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Fig. 4 


We write XSL rules that match various xml elements. For that consider the following example: 

XML code <?xml version=“1.0”?> <?xml-stylesheet href=“catalog.xsl” type=“text/xsl” ?> 
<CATALOG> 

<PART> <NAME>Switch</NAME> <DESCRIPTION>A very efficient device</DESCRIPTION 
<PRICE>Rs. 1000</PRICE> 

</PART> 

<PART>.</PART> 

.... </CATALOG> </xml> 

XSL code 


We can provide the formatting instructions for the above XML code by writing an XSL 
code as given below: 


<?xml version=“1.0”?> 

<xsl> 

<rule> 

<root /> <html> <body bgcolor=yellow> <children /> 

</body> 

</html> </rule> <rule> 

<target-element type=“PART” /> <DIV style=“margin-bottom:20px”> <children /> </DIV> 
< / rule> 

<rule> <element type=“PART”> <target-element type=“NAME” /> </element> 

<B> <children /> 

<B> <BR /> </rule>.</xsl> 

Note that we use <rule> elements and <target-element> in our XSL code to provide formatting 
instructions for the corresponding XML elements. 
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HTML and XML editors 

General purpose text-editors for HTML are Notepad, Wordpad etc. However, there are certain HTML 
editors that help create web pages more easily, e.g, Macromedia Dreamweaver and Microsoft FrontPage. 
XML code can also be written in any general purpose text editor. However, there are special programs such 
as Epic Editor, TurboXML which can facilitate the editing job considerably. 
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CLIENT AND SERVER SIDE PROCESSING OF DATA 


Lesson 17 


You are now familiar with the fact that internet presents a two-way communication model, also called the 
Client-Server Model as shown in Fig. 1 below. In the client server model some data is processed on the 
client side and certain data is processed by the server on the server side. 



Fig.l 


Client side processing 

Data that is processed on the client side mainly includes the HTML code, most of JavaScript, applets and 
cookies (in most cases). As a matter of fact, the browser installed on the client side has the capability to 
interpret different HTML tags and display the result accordingly. JavaScript code can be included in the 
HTML document to be executed on the client side by the browser. JavaScript is mainly used at the client 
side for simple calculations and for pattern checking. We have already learnt this concept in the examples of 
calculator and registration form where JavaScript functions were applied. Applets are compiled java 
programs. Applet code is sent from server to the browser for processing. Examples of applets include 
animation files, java games spreadsheets etc. Typically applets take more space on the window screen Applet 
call example Consider the following HTML document where a special <applet> tag has been used to make 
a call for the applet code. The URL of the site where applet code is stored has been assigned as a value for 
the code attribute. Width and height attributes are used to specify the space allocation for the display of the 
applet result. 

<HTML> <BODY> 

<APPLET CODE=http://www.xyz.com/carfind.class width=100 height=200>DEMO</APPLET> 
</BODY> </HTML> 

Cookies 

Cookies are text files stored on client’s hard disk sent by the server side due to cookie related 
programming in the code. Cookies are usually generated by JavaScript or CGI scripts. In 
JavaScript the processing for cookies takes place on the client side. Consider the following 
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example where the property ‘cookie’ of the document object in JavaScript is used to create a 
cookie: 

<HTML> 

<SCRIPT LANGUAGE^"JavaScript" TYPE="text/javaScript"> 

<!— 

function updateCookieQ 

{ 


document.cookie—document.forml.cookie.value; 

location.reload(true); } //--> </SCRIPT> <BODY> <SCRIPT LANGUAGE="JavaScript"> <!- 
document.write ("Currently, your cookie is "+document.cookie); //—> </SCRIPT> <FORM 
NAME="forml"> 

<P> 

This information would be treated as a Cookie: <INPUT TYPE="TEXT" 

NAME="cookie" size="50"> 

</P> 

<INPUT TYPE= "Button" name-’setCookie" VALUE="Set Cookie!" 
onclick="updateCookie()"> 

</FORM> 

</SCRIPT> 

</BODY> 

</HTML> 

In the above code, a text box called cookie is created. When a user clicks the button Set Cookie, the control 
is shifted to the function update Cookie which creates a cookie in the hard disk of the client and opens or 
reloads a fresh page for the user with the information of the current cookie written on it. Suppose that I 
type the word Ahmad in the text box and click the button Set Cookie, then the cookie ‘Ahmad’ would be 


consequently created and stored 

in the hard disk. 

See figures 2-4 below. 

'5 C:\Documents and Settings\Saadat\Desktop\2.html - Microsoft Internet Explorer 


File Edit View Favorites Tools Help 


a 

©Back - O " S 3 ./ Search T V Favorites 

• * B ’ J 0 


Address ^ C:documents and Settings\Saadatpesktop\2.html 


v Q Go Links >: 

Currently, your cookie is 


This information would be treated as a Cookie: 


| Set Cookie! | 


Fig. 2 


I 'H C:\Documents and Settings\Saadat\Desktop\2.html - Microsoft Internet Explorer 


File Edit View Favorites Tools Help 

©Back - © ' @ [?] ^PsMrch '^f’F.vorite 0 0 - .V H ’ □ @ 

Address |^] C: documents and Settings\Saadatpesktop\2.html 

v 0 Go Uni 

Currently, your cookie is 

This information would be treated as a Cookie: Ahmad 


| Set Cookie! ] 


Fig. 3 
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1 '3 C:\Documents and Settings\Saadat\Desktop\2.html - Microsoft Internet Explorer 
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W 

Address ^ C:documents and SettingsVSaadatV3esktop\2.html 

V Qgo Links >s 


Currently : your cookie is Ahmad 


This information would be treated as a Cookie: 

| Set Cookie! | 

Fig. 4 

Cookies can be used to track customers online. Typically, a unique ID of the customer is stored in the 
cookie file on the hard disk. Same ID is also stored in the database along with the record of previously 
purchased items by the customer. When the customer again visits the online store, cookie (having customer 
ID prepared against that URL) is transmitted by the browser to the server side. There, it is matched with the 
ID in the database. This enables the merchant side to know that a particular customer (with a known buying 
pattern) has come to visit again. By tracking the customer in this manner, personalized recommendations 
for certain items can be made to the customer in real time. 

Cookies can also be used to maintain state between two broken sessions. Thus, it is possible that some 
information of the previous session is stored in the cookie file, and this information is available (through 
cookie) to the server side on starting a subsequent session. For instance, in the code of a web form certain 
information received form the user can be stored in the variables as shown below: 
firstName=document.forml .first.value lastName=document.forml .last.value 
email=document.forml.email.value 

The coder can also define a variable to set the expiration date of the cookie as follows: 
expirationDate= n Friday, 01-Dec-ll 12:00:00 GMT” 

Then using cookie property of the document object all such information can be stored on the client hard 
disk in a cookie file and can be used for maintaining state between two sessions: 

document.cookie= M firstname= M +firstname+ ?, ;lastname= M +lastname+ M ;email= M +email+ 

n ;expires="+expirationD ate 

Fat vs. Thin Client 

Fat clients have a lot of processing done on the client side. On the other hand, thin clients have very little 
processing on client side, and most of the processing takes place on the server side. 
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Lesson 18 

APPLETS, CGI SCRIPTS 

You know that Web Server is a computer that delivers (serves up) web pages. Any computer can be turned 
into a Web server by installing server software and connecting the machine to the internet. A relational 
database or simply database is a collection of information stored in tables. A database contains one or more 
tables. Each table has a name and consists of columns and rows. Each column has a name. Most e- 
commerce sites consist of a front end and a back end. Front end consists of that information which is 
visible to the user and he can interact with the same through some interface. The back end comprises that 
information which resides on the server side and is used to create certain dynamic results for the user. It 
would include different programs or scripts that may be developed in different languages/tools. For an 
effective e-commerce site there must be a real integration or compatibility between the front end and the 
back end. We develop our back end mainly for two purposes — for querying with the databases (where we 
have developed databases) and for the maintenance of state. We can use different tools (ASP, JSP etc.) for 
that purpose depending upon their respective advantages/disadvantages. Server side processing can be 
mainly categorized into four headings -CGI Scripts, Servlets, Server Side Scripts and JDBC/ODBC drivers. 

CGI scripts 

Term Common Gateway Interface (CGI) is defined as a standard method/protocol that allows data from 
forms to be used by programs on the server. Script is a program running on the server. CGI scripts include 
programs written in C, C++ or perl. Following Figure 1 shows a simple CGI setup. Suppose a client makes 
an http request by clicking a hyperlink. This request is directed to a CGI script on the server side whose 
reference would be given in the <A> tag. The server would communicate with the CGI script on it with the 
help of CGI protocol. The script would be executed. We would do its coding such that it generates a query 
to the database to retrieve specific information. This information would then be supplied by the server to 
the client side as an HTML document. You can also consider an example. Assume there are two links on a 
web page (Fig. 2). When the user clicks on the hyperlink pertaining to IT Books, an http request goes to the 
server at the address, which is shown as value of the href attribute of the anchor tag. This address is that of 
a CGI script c hello2.cgi’, which is coded in such a way that it would generate a select query in SQL and from 
the table IT books would retrieve all the information as a result for the user. The Perl code of hello2.cgi is 
shown for a reference below. 



Fig.l 


© Copyright Virtual University of Pakistan 


82 





















E-Commerce - IT430 


vu 
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Fig. 2 


Code for Fig. 2 

<HTML> 

<BODY> 

<A href=http://www.onlineshop.com/cgi-bin/hellol.cgi> 

Click here to view the record of your previous transactions < / A> 

<P> 

<A href=http://www.onlineshop.com/cgi-bin/hello2.cgi> 

List of IT Books for sale 
</A> 

</BODY> 

</HTML> 

Perl example — hello2.cgi (Not for exam) 

print “<head>\n”; 

print “</head>\n”; 

print <body>\n”; 

print “<hl>IT Books</hl>\n”; 

print “<b>Description of available books</b><br>”; 

&SetOracle; 

&RunSQL(“Select * from ITBOOKS”); 

&StopOracle; print “</body></html>\n”; 

Structured Query Language (SQL) 

SQL stands for Structured Query Language. It is used to make queries from databases. Its syntax may vary 
slightly from tool to tool. However, its general syntax is that we use select statement to retrieve data from 
databases. We use after the word select then write the words “from tablename” in order to pick the 
entire information from a table. We can write the select statement specifically in case some specific 
information is desired to be retrieved as shown below: 

Select author,publisher from ITBOOKS where coursename=‘e-commerce ? 

We can use insert statement of SQL in order to insert certain data in a database. For example in Fig. 3 
below, you can see a web form with text boxes. When a user clicks at the Register! button (in fact a submit 
button), information provided by the user in the form would be shipped to the URL specified as value of 
the action attribute in the form tag. Here, that URL is that of an ASP file running on the server side. On 
clicking the Register!/submit button this file would be executed. We would code it such that it gives rise to 
an insert query. In other words, data provided in the form is picked up by the ASP file and subsequently 
inserted or recorded in a table in the databases. The format of Insert query used in ASP is shown for a 
reference below. We may also use delete and update statements in SQL for deleting and updating data in the 
tables. 


© Copyright Virtual University of Pakistan 


83 




E-Commerce - IT430 


vu 


3 C:\Documents and Sett1ngs\Saadat\Desktop\1.htm - Microsoft Internet Explorer 


File Edit View Favorites Tools Help 

0'0 @ $4 > ^ Search Favorites 0 - ^ S T U 9 

Address C: VDocuments and Settings\SaadatV3esktop\l.htm 

To Register Please Enter The Following Information: 

Name: 

Address: J 
Password: 

Email: [ J 

| Register! | [ Reset! ] 

Fig. 3 
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Code for Fig. 3 

<HTML> 

<BODY> 

<H3>To Register Please Enter The Following Information: </H3> 

<FORM NAME="regForm" ACTION= f, http://www.onHneshop.com/hello.asp M METHOD="POST" > 
Name: <INPUT TYPE= n TEXT n NAME="Name" maxlength="25"> 

<P> 

Address: <INPUT TYPE= n TEXT n NAME="userAdd" maxlength="50"> 

<P> 

Password: <INPUT TYPE="Password” NAME="userPassword" maxlength="15"> 

<P> 

Email: <INPUT TYPE= M TEXT M NAME="email" maxlength= n 15 M > 


<P> 

<INPUT TYPE="submit" NAME="Go" VALUE="Register!"> 

<INPUT TYPE="RESET" VALUE="Reset!"> 

</FORM> 

</BODY> 

</HTML> 

Insert Statement in ASP (not for exam) 

INSERT INTO Register (Name, Address, Password, Email) 

VALUES(Request.form(“Name”), Request, form (“Address”), Request.form(“Password”), 
Request.form(“Email”)) 

Register is the table where information received through the form is to be inserted. 

Servlets 

Servlets are very fast Java applications on the server side which are available in an active form in the 
memory of the server. They use JDBC to connect to the databases. 

Server Side Scripts 

They basically include ASP, JSP or PHP. Active Server Pages (ASP) is the product of Microsoft, Java Server 
Pages (JSP) is the product of Sun Microsystems and Hypertext Preprocessor (PHP) is the product of 
Apache Software Foundation. Their code can be embedded within the HTML document and they use 
extensions (.asp), (.jsp) or (.php), as the case may be. The servers sees the extension of the file and processes 
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the relevant ASP, JSP or PHP code embedded within the HTML code and provides the result of such code 
to the client side. 

ODBC/JDBC 

ODBC (Open database connectivity) and JDBC (Java based database connectivity) drivers are also present 
on the server side. Scripts or programs use these to establish connection with databases for querying. 

Basic difference between CGI scripts, ASPs, Servlets etc. 

Here, you can note some basic difference between CGI scripts, servlets, ASP, JSP etc. We know that the 
code we write is translated into an executable form. There are two ways to do this translation. One is that 
we compile the code or convert it into machine language using a software called compiler, as we use in case 
of C or C++. The other way is that we interpret the code (line by line) at the run time using a program 
called interpreter. Browser is an interpreter. Compiled code is usually faster than the interpreted one as 
regards execution. Technologies like ASP, PHP and Coldfusion interpret their code except the new version 
of ASP (ASP.net) where the code is compiled. In case of JSP a program called JSP engine compiles the 
code. This compilation takes place only once, and then the JSP page is converted into a Servlet. The 
property of a servlet is that it is always in an active form which means that it remains in the server memory. 
Therefore, any subsequent calls to the page have faster response time. This probably is the only main 
difference between a JSP and a Servlet. Another difference between ASP and JSP is that ASP mostly uses 
VBScript and JSP uses Java programming language for coding. Note that among the CGI scripts, Perl 
scripts are interpreted and C++ scripts are compiled. However, CGI scripts are generally believed to be 
relatively slow, since each CGI request generates a new process which is heavy for the system. Therefore, 
CGI scripts are no longer a very popular option. 

ASP 

We can discuss ASP a little more in detail. It runs best on IIS (Internet Information Server) which is freely 
available with Windows NT and Windows 2000. ASP engine is a piece of software that is a part of IIS and 
interprets/translates an ASP code. There are mainly seven predefined objects in ASP called intrinsic objects. 
To have some idea of the ASP objects, we can have a look at the two important ones, that is, request and 
response objects. Response 

object is used to send information to the client and Request object is used by the server to 
retrieve information from the client. 

ASP examples (not for exam) 

Following is the example of Response object. We use its “write” function to write some 
information on our web page. ASP normally uses VBScript as the scripting language. In 
ASP, a variable is generally defined using Dim statement as shown in the code below. 

ASP statements are contained within <% and %> which are called delimiters. VBScript by 
default assumes that any symbol that is not a keyword is a variable. This might cause serious 
problems when you are writing an ASP application. What if you mistype a variable name and 
it will be considered by the server as a new variable. To avoid this you must write Option 
Explicit at top of your each ASP file. 

<%@ language=VBScript %> 

<%option explicit 0 /) > 

<%Dim lastname 
Dim firstname 
Dim myage 
lastname=“Ali” 
firstname=‘ ‘Imran’ ’ 
myage=30 
%> 
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<html> 

<head><title>It is easy</title></head> 

<body> 

My name is <%=firstname%> <%=lastname%> and my age is <%Response.Write 
myage%> 

</body> 

< /html> 

Suppose that we want to collect data from a form (Fig. 4) using ASP and then resend a page 
to the client having that information written on it. For that one can develop the following 
ASP code. Note the use of “Request.form” for collecting data form the form. 

<%@Language= n VBSCRIPT M %> 

<%option explicit 0 /) > 

<%Dim loginname 
Dim name 

loginname=Request.Form("userlogin") 

name=Request.Form( n username M ) 

%> 

<html> 

<head><title>It is easy</title></head> 

<body> 

My name is <%Response.Write name%> and I am going to use 

<%Response.Write loginname%> as my login 

</body> 


< /html> 



When a user clicks at Register! the information filled by him in the above two boxes would 
be delivered to the ASP file whose code you have seen above. This would happen because 
we keep the name or URL of the above ASP file as value of the action attribute in the form 
tag. 

VBScript offers a lot of flexibility for programming. We can use functions, If statements, 
For loops etc. Consider the following example where a For loop has been used: 

< % @Language=‘ ‘ VB S CRIPT”% > 

<%option explicit 0 /) > 

<HTML> 

<Body> 

Testl 

<% 

Dim myString=“ecommerce” 

%> 
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<%If Time>=#12:00 AM# and Time<=#12:00 PM# then%> 

<h3>Good Morning Pakistan</h3> 

<%else%> 

<h3>Hello Everyone <p> 

<% 

Dim j 

For j=l to 3 

Response, write my string 

response.write “<p>” Next %></h3> <% end if %> </Body> </HTML> Result of the above code 
would be similar to the one shown in Fig. 5 below. Note that the words ecommerce are printed thrice due 
to for loop written in a specified format in VBScript._ 


H C:\Documents and Settings\Saadat\Desktop\ 



Fig. 5 
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Lesson 19 

MAINTAINING STATE IN A STATELESS SYSTEM 

You know that http is stateless. Another reason why we need to write scripts or develop our back end is 
that we want to maintain state. In other words, we want to link different clicks/steps involved in an e- 
commerce transaction. When we go to an ecommerce site, we are generally asked to take three different 
steps, that is, provide Registration information, and make selection of items (Add to Cart) and Confirm 
Order. The question is how do we create link or maintain state among these different steps. There are 
following options available for programmers in this regard: 

A temporary file may be created on the server side and we code our scripts behind the steps/clicks - 
Register, Add to Cart and Confirm Order - in a way that the information of each step/click is stored in that 
temporary file using the same common ID. At the end our confirm order script puts this information in 
some database using insert query. 

Another method is to use the client side or cookies for maintaining state. Information regarding 
Registration and Add to Cart can be stored in cookies and at Confirm Order cookies against these URLs 
would revert to the serve side and be stored in databases against a common ID. 

We can also use hidden forms’ fields. We keep data back and forth within forms to maintain state. 
Following is a piece of HTML code for a form (Add to cart) in which hidden fields are used. I have used 
pairs of input tags with type hidden and type checkboxes. (I can also use them in a For loop using 
Recordset object of ASP then it would be possible that these pairs of input tags are generated in a loop and 
information of records available in databases is directly picked up and printed for me). Because of type 
hidden the item name and item code/value for each item would be there in the form against each item but 
would remain hidden. When the user selects items (through check boxes) and presses Add to Cart his 
selected information would go to some script which would be coded such that it would open a new page 
with button Confirm Order. In this new form the item code or value of selected items would be present but 
would remain hidden. When a user presses the button Confirm Order the information of selected items is 
stored in the databases (through a script) against the item code present in the form, though hidden. We can 
say that state is maintained here between steps Add to Cart and Confirm Order in the sense that selections 
made in step Add to Cart were passed over or provided to the next step Confirm Order. 

Example - Hidden Fields 

<FORMNAME="Forml"> <INPUTTYPE= "HIDDEN" NAME= "Shirtl" VALUE="25"> <INPUT 
TYPE= "CHECKBOX” NAME= "Checkl">Blue Cotton Shirt <br> <INPUT TYPE= "HIDDEN" 
NAME= "Shirt2" VALUE="26"> <INPUT TYPE = "CHECKBOX" NAME= "Check2" >Green Cotton 
Shirt <br> 

<INPUT TYPE= "HIDDEN" NAME= "Shirt3" VALUE="27"> <INPUT TYPE= "CHECKBOX" 
NAME= "Check3">White Silk Shirt .... 

<P> 

<INPUT TYPE="submit" NAME="Go" VALUE="Register!"> <INPUT TYPE="RESET" 

VALUE="Reset!" ></FORM> 

Another option is to keep everything in databases. Here, information of each step is recorded in appropriate 
tables of a database itself and linked up with the help of a commonID. It is relatively more costly and time 
consuming option. 

We can use Servlets to write our scripts to speed up processing. It gets tricky, as one must have a solid 
knowledge of programming to implement these methods. Here, the idea is just to give you a broad 
concept/picture as to how the state is maintained. 

Client server architecture 

Note that we may have different tiers in client server architecture depending on where the processing of 
data takes place. In 1-tier architecture, the entire processing takes place at a single place/zone. For example, 
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in Fig. 1 below, the processing of data only takes place in the main frame and different machines are 
attached to it just as display terminals. Conversely, the entire processing may take place at individual 
terminals and a centralized machine called file server just stores the files having no role in the processing of 
data. Again, that would be an example of 1-tier architecture (Fig. 2). Example of 2-tier architecture is where 
processing of HTML code takes place on the client side and the web page request is processed on the server 
side (Fig. 3). In a 3-tier architecture, we can place our database management system or application software 
on a different processing zone or tier than the web server (Fig. 4). Similarly in a 4-tier architecture ,for 
example, we can place the payment processing system at the 4 th tier. Thus, we can divide the client server 
architecture into n — tiers. 



Fig. 2 
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Fig. 3 



Fig. 4 


Web server 

You know that web server is a machine that serves up the web page requests of a client on the internet. It is 
a combination of hardware and software. Decision as regards the type of a web server is largely dependent 
on the volume and type of web activities. So, transaction processing sites generating dynamic pages with 
high traffic volumes would need web server software that is more efficient and can easily be upgraded. 
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Operating systems for web servers 

A computer must have an operating system to run programs. It also provides input and output services to 
devices connected to a computer such as monitor, printer etc. Commonly used web server operating 
systems are Microsoft Windows NT Server, Microsoft Windows 2000 Advanced Server, Microsoft.NET 
Server, Linux or Unix based operating systems such as Solaris. Unix-based web servers are more popular 
and are considered to be more secured. Linux is open source operating system which is fast, efficient and 
easy to install. Open source software is developed by a community of programmers who make it available 
for download at no cost. Web Server Software Common examples of web server software are Apache 
HTTP server, MS Internet Information Server (IIS) and Sun ONE web server. Apache is open source code 
developed in 1994. Today, it dominates the web, because it is free and performs very efficiently. IIS comes 
with MS windows 2000 and NT operating systems. IIS’s inclusion of ASP provides an environment in 
which HTML pages and scripts can be combined to produce dynamic web pages. Sun one (iPlanet or 
Netscape) web server is a joint product of AOL and Sun Microsystems. It can run on many operating 
systems including Solaris and Windows. Web Server Hardware Web Server computers have generally more 
memory. They have larger and faster hard disk drives and faster processors than the typical desktop PCs. 
Companies that sell web server hardware such as Dell, Hewlett Packard etc. all have configuration tools on 
their web sites that allow visitors to design their own web servers. 

Performance of web sever 

Performance of web servers can be evaluated mainly on the basis of two factors: 

Throughput, which is the number of http requests that a particular server hardware and 
software can handle in the unit time; and 

Response time, which is the amount of time a web server requires to process one request. 
Web server hardware architectures 

We can divide e-commerce sites up to n-tier architectures. Some web sites are so large that we need more 
than one computer within each tier. For sites which have to deliver millions of individual pages and process 
thousand of customer and vendor transactions each day, site administrators must plan carefully how to 
configure their web server computers. They may adopt two different approaches in this regard. They can 
use centralized architecture approach where they can use few but very fast and large computers within each 
tier; or they may adopt decentralized approach using many less powerful computers and dividing workload 
among them. Web hosting choices ISPs also offer web hosting arrangements. 

Shared hosting means that a client’s web site is hosted on a server that simultaneously hosts other web sites 
and is operated by an ISP through its location. 

In Dedicated hosting a web server is arranged by the ISP for a client but that client does not share it with 
other clients of the ISP. In both cases ISP owns the hardware but leases it to the client and is responsible 
for its maintenance. In Co-location hosting, the ISP offers on rent a physical space to client to install its 
own server hardware and software and maintain it by itself. Companies may opt to run a server in house 
which is called self hosting. 

E-commerce software 

Size and objectives of e-commerce sites vary thus variety of software and hardware products are developed 
which can be used to build those sites. Type of e-commerce software that an organization needs depends 
on several factors. Typically all e-commerce software must at least provide: 

A catalog display 
^p- Shopping cart capabilities 
Transaction processing 


Large or complex e-commerce sites also use software that adds other features and capabilities as follows: 
ip Middleware 
ip- Application integration 
^ Web services 
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Integration with ERP Software 

Supply chain management software 

Customer Relationship Management (CRM) Software 

Content Management Software 

Knowledge Management Software 

Catalog display 

A Static catalog is a simple list written in HTML. One has to edit the HTML code to change it. A dynamic 
catalog stores information about items in a database usually on a different computer accessible by the web 
server. It can provide photos, detailed description and search facility about the availability of items. 

Shopping cart 

In early days form based shopping cart was used wherein the user had to remember and type certain 
information. It is now replaced by electronic shopping cart/basket that keeps record of the items the 
customer has selected and allows customers to view the details of the items selected. The customer can add 
new items or remove items. To order an item, a customer simply clicks at that item option. All details of an 
item, including its price, product no. and order identifying information are stored automatically in the cart. 

Transaction processing 

It occurs when a customer clicks at checkout or confirm order button and is subjected to some 
processing mechanism. It represents the most complex part of online sale. Calculation of taxes, 
costs etc. is important parts of this process. Some software enables a web server to obtain updated 
rates by direcdy connecting to shipping companies’ web sites. 

Advanced functions of e-commerce software 

Middleware 

Large companies establish connections between their e-commerce software and their existing accounting 
system by using a type of software called Middleware which is a part of e-commerce software package. 

Application integration 

A program that performs a specific function such as creating invoices/bills or processing payment received 
from customers is called an application program. We know that Database Management Software stores 
information in a structured way. Experts should properly consider that their e-commerce software 
application programs must be compatible and fully integrated with the Database Management Software. 
For example if a company has existing inventory database then the experts should select that e-commerce 
application program that supports such a system. 

Web Services 

Web services are defined as a combination of software tools that allow application software in one 
organization communicate with other programs/applications over a network by using a specific set of 
standard protocols. For example a company that wants to gather all its financial management information in 
one spreadsheet can use web services to automatically get bank account details, information about loans, 
stock value etc. from different independent sources. Similarly, web services can be used to obtain price and 
delivery information about goods from different vendors/suppliers, review this information, place the order 
to the right vendor/supplier and track the order till shipment is received. 


payment 

shipping 

shipping 
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INTEGRATION WITH ERP SYSTEMS 


Lesson 20 


Enterprise Resource Planning 

Enterprise Resource Planning (ERP) is a concept that integrates all aspects of a business e.g, accounting, 
logistics, manufacturing, marketing, planning, project management etc. at a single place. An ERP system 
such as SAP is expensive. E-commerce sites/software has to fully integrate with ERP software, wherever it 
is used. 


Customer Relationship Management Software 

Primary goal of customer relationship management is to understand each customer’s needs and customize 
the product/service to meet those needs. CRM software gathers data from customer’s activities on the web 
site of e-business. The software uses this data to help managers to conduct analytical study about their 
business/marketing. 

Supply Chain Management (SCM) Software 

Supply chain involves all activities associated with flow and transformation of goods from raw material 
stage to the finished stage and their supply to the end users. Supply chain management software helps 
companies to coordinate planning and operations with their partners in industry. SCM planning software 
helps companies develop demand forecasts using information from each player in supply chain. SCM 
execution software helps with tasks such as the management of warehouses and transportation facilities. 

Content Management Software 

Companies have found it important to use the web to share corporate information among their employees, 
customers, suppliers etc. Content Management Software helps companies control the large amounts of data, 
pictures/graphics and other files that play a crucial role in conducting business. It also offers different ways 
of accessing the corporate information which managers of a business might need for decision making. 

Knowledge Management Software 

Companies have started to find ways that help them manage the knowledge itself regardless of documentary 
representation of that knowledge. Software that has been developed to meet this goal is called Knowledge 
Management Software. It has features that allow it to read documents in electronic format, scanned paper 
documents, e-mail messages etc. so as to extract knowledge. 

E-commerce Software 

Following are the names of some well-known e-commerce software: 

Intershop Enfinity 

IBM’s WebSphere Commerce Professional Edition 
Microsoft Commerce Server 2002 


Agents 

An agent is a software program that is capable of autonomous action in its environment in order to meet its 
objectives. Agents can be used for comparisons, filtering, web crawling, auctions etc. For example, there 
may be buyer agents and seller agents each with their goals and constraints. They can negotiate deals on 
behalf of the users. Agents can monitor health indicators and alert the individuals under given conditions. 

Security issues over the internet 

Security is the biggest factor slowing down the growth of e-commerce worldwide. For instance, when you 
enter your credit card no. in a text box, it is potentially exposed to millions of people on the internet and 
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can be misused. It is important to know following terms in connection with the security threats over the 
internet. 

Back doors and Trojan horses 

Back Doors are those hostile programs which, when run on a machine, install hidden services in order to 
give attackers remote access capabilities to a compromised machine. Trojan horses are those programs that 
appear harmless but actually have some malicious purpose. For example, HAPPY99.EXE is a Trojan horse 
that displays a firework and then sends copies of it to the e-mail addresses found on the system. The term 
Trojan Horse has been borrowed from history. In history it has been used to refer to a huge wooden horse 
where the whole Greek army was hidden during a war and the enemy was deceived because it could not 
figure out that. 

Viruses and worms 

Viruses and Worms are malicious programs that can travel between computers as attachments on email or 
independently over a network. These terms are sometimes used interchangeably; however, essentially they 
are different. Worms spread from computer to computer, but unlike viruses have the capability to travel 
without any help or human action. A worm can replicate itself which means that it can send copies of itself 
to everyone listed in the email address box on a system. Viruses, on the other hand, need to be activated 
through a human action. Another difference is that viruses modify existing programs on a computer unlike 
worms which can install back doors or drop viruses on the system they visit. A few years ago a worm called 
‘Love Bug’ was triggered by a 23 years old student in Philippine. Its code was written in VBScript, and it 
traveled on the internet as an email attachment. It could send copies of itself upto 300 addresses found in 
the email address box. It could destroy files on the system as well as search for any passwords and forward a 
list of the same to the attacker. Within days it spread to 40 million computers in more than 20 countries 
causing a financial loss of about $ 9 billion. 

Virus protection 

■#- Install anti-virus software such as McAfee, Norton, Dr. Solomon, Symantec etc. 

Downloading of plug-ins from the internet be avoided (plug-ins are those programs that work with the 
browser to enhance its capabilities) 

^- Downloading of plug-ins should be done from the vendor’s official website 

Newly obtained disks, programs or files should be scanned for viruses before use 
Installation of a firewall may also reduce the risk of virus attack 

Hackers 

Hackers or crackers are those individuals who write programs or manipulate technologies to gain 
unauthorized access to computers and networks. 

Active contents, active X control 

Active content is a term generally used to refer to programs that are embedded in web pages to cause 
certain action. Malicious Active Content delivered through web pages can reveal credit card nos., user 
names, passwords etc. and any other information stored in the cookie files on a system. Applets, JavaScript 
and Active X Controls can be used to install hidden services to the hacker. You know that Applet is a 
compiled Java program that runs on the client’s machine when a particular web page request is made. Some 
malicious content can be sent by the hacker embedded in the Applet. Through JavaScript attacks a hacker 
can destroy the hard disk, disclose emails in the mailbox or get any sensitive information. JavaScript 
programs can read list of URLs visited and seize information in the web forms. For example, if a user enters 
a credit card no. in the form, JavaScript code can send a copy of it to the hacker. Moreover, malicious 
content can be delivered through cookies using JavaScript that can reveal contents of files or destroy files. 
Active X Controls are those objects which contain programs placed on web pages to perform particular 
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tasks. They can originate form many languages, C, Visual Basic etc. When downloaded they can run on 
client machine like any other program. A hostile Active X Control can reformat a user’s hard disk, send e- 
mails to all people listed in the mailbox or even shut down computers. 

Out side attacks on a network 

Eavesdropping/ sniffing/snooping 

In this type of attack the hacker has the ability to monitor network traffic using some kind of network¬ 
monitoring software. For example, a hacker may install some backdoor or Trojan horse that can monitor 
the key strokes of a user while typing and send the typed information to the hacker. 

Password attacks 

Such attacks are basically a result of eavesdropping through which the hacker is able to know the account 
ID or password of a particular user. Then using it the hacker gains access to the network and gather 
information such as user names, passwords, computer names, resources etc. That can lead to modification, 
deletion or rerouting of network data. 

IP address spoofing 

You know that there are two IP addresses available on a data packet — IP addresses of the sender and the 
destination. The address of the destination only matters for routing. It is possible that a hacker (having 
special capabilities) seizes the control of a router, changes the IP address of the source/sender on data 
packets and thus forces the destination machine to send the information/web page to a different machine, 
that is, the machine of the hacker. This is called IP address spoofing. 

Man in the middle attacks 

In it the attacker is able to monitor, capture and control data between sending and receiving machines. He 
may apply IP address spoofing technique to divert the packets to its machine, then modify the packets and 
resend the misleading information to the actual client. Another form of man-in-the-middle attack is where 
the hacker is able to substitute the IP address of a genuine web site with the IP address of his own web site 
due to some security hole in the software that runs on a domain name server. A client would think that he is 
communicating or receiving the information form a genuine web site, though it would not be the case 
actually. 

Denial of services (DOS) attacks 

In this type of attack, the attacker gains access to the network and then send invalid data to network 
services or applications. These services or applications consequently become unable to perform their 
normal tasks or functions. Hence, sending a flood of data to a particular service or computer can cause it to 
overload or shutdown. This attack is specially used to take down websites on the internet, when repeated 
requests for web pages are deliberately initiated so as to choke down a web server. In early 2000 this attack 
was launched against some famous ecommerce web sites. Hackers arranged computers with special 
software initiating thousands of http requests per second for specific web sites causing the web servers to 
overload. Thus, these servers were made unable to fulfill the web page requests of the genuine users/clients. 
In distributed denial of service attack, the compromised system itself is used as a source for further attacks. 
The use of firewalls and a proper Intrusion Detection System (IDS) can minimize the risk of a DOS attack. 
It is also important to establish a security policy for an e-business organization outlining as to which assets 
have to be protected and how to be protected. 
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Lesson 21 


FIREWALLS 


A firewall is a combination of hardware and software that sits between the internet and internal network of 
an organization to protect the network from outside attack (Fig. 1). It can examine the data entering or 
leaving from the network and can filter the data according to certain rules, thus, protects the network from 
an attack. There are three main types of firewalls detailed as follows: 



Fig.l 


Packet filter firewall 

It uses a set of rules to determine whether outgoing or incoming data packets are allowed to pass through 
the firewall. For example, we can, as a rule, specify IP addresses of sending devices such that packets from 
these IP addresses are not allowed to enter the network. The Firewall would stop them from entering. A 
packet filter firewall is the simplest type of firewalls which operates at data link and network layers of the 
OSI model. 

Circuit level firewall 

It is quite similar to the packet filter firewall. It also works on the basis of a set of rules for filtering packets 
but operates at the transport layer of the OSI Model so has greater functionality. As a rule, the higher the 
layer of OSI model where a firewall operates, the more sophisticated is the firewall. It can make packets sent 
from internal network to a destination outside the firewall appear as if they originated at the firewall. Thus 
information regarding hosts on the internal network remains secret. It can also determine whether TCP/IP 
connection between a host and a machine outside firewall has been properly established. Thus it can cut off 
any connection which has been hijacked by a hacker trying to pass through the firewall. 

Application gateway firewall 

It operates at application layer of the OSI Model. It uses strong user authentication to verify identity of a 
host attempting to connect to the network using application layer protocols such us FTP. In contrast to 
packet filter firewall, it filters the requests rather than packets entering/leaving the network. It can block any 
outgoing HTTP or FTP requests. It can prevent employees of a company inside a firewall from 
downloading potentially dangerous programs from the outside. In other words, this type of firewall is used 
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to control connections thus employees of a company can be restricted from connecting to certain web sites. 
We can combine circuit level capabilities with application gateway services to form Hybrid type of a firewall. 

Proxy server 



Mainly, it can do three things: 

An http request from the browser goes to proxy server. It can affix its own IP address instead of IP 
address of the requesting machine; thus, it hides the information of the host. It downloads the 
requested page itself and afterwards supplies it to the user. 

It can also act as a firewall filtering requests for certain web pages. 

^- An important job it can do is to speed up the processing of http requests by caching web pages. 
Caching means that it can store the requested web pages in its memory (cache memory) for a certain 
period. The advantage of caching is that for subsequent web page requests the time of supply of the 
web pages is reduced. Instead of sending the request to actual web server, the proxy server can quickly 
supply the web page stored in its cache memory, thus, it saves the time of downloading the page. 

Virtual private network (VPN) 

Suppose that a client is sitting at a local branch network of a company and wants to become part of a 
bigger, head office network of that company located far away. One option for him is to set up a dial up 
connection, which means that he can be connected to a server machine lying in the head office network 
through a direct telephone line. That server machine may be called a Remote Access Server (RAS) and 
the client may be called a Remote Access Client (RAC). Remote access is a two way process so both RAS 
and RAC must be configured, first. Some windows operating systems provide the facility to configure the 
RAS and RAC. Basically, the client specifies the phone no. of RAS while configuring. After both RAS and 
RAC are configured, the client enters identification information (password etc.) and clicks at “Dial”. 
Accordingly, phone no. of RAS is dialed and connection with RAS is setup. Once clients are connected to 
RAS, they can access the remote company network and its resources — servers, printers etc. A protocol, 
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Point to Point Protocol (PPP), is used to set up the dial up connection between RAC and RAS for exchange 
of data packets. 

A VPN provides another option of remote access. It is defined as a secure, dedicated point to point 
connection over the internet. In VPN we use internet infrastructure for connection instead of a special 
telephone line. Both RAS (also called tunnel server) and RAC (also called tunnel client) are connected to the 
internet. Initially, both are configured for VPN. IP address of tunnel server must be specified during the 
configuration of tunnel client (instead of phone no.). The option of VPN is available if we explore the menu 
‘Internet Options’. We can enable VPN, thus. Similarly, tunnel server should also be configured so that a 
client’s request for access can be authenticated. VPN connections or tunnels are managed by Point to Point 
Tunneling Protocol (PPTP) which due to encryption provides secure transport of private communications 
over the public internet. A VPN connection thus can be created between the branch office and the 
corporate head office. 

VPN is a cost saving measure as compared to simple remote access using dial up connection. In VPN one 
makes a local call to the ISP and then using ISP’s infrastructure, routers etc. one is connected to the 
internet. In other words a client can become part of the remote network through the internet. Note that a 
tunnel client just incurs the cost of a local call to the ISP and yet he can remain part of the remote corporate 
network for many hours. On the other hand, in case of dial up connection for remote access one has to pay 
the cost of a long distance call for as many no. of hours as one wants to be connected to the remote 
corporate network. This is going to be very expensive. VPN is the example of an extranet. You know that 
when two or more intranets are connected to each other they form an extranet. A manufacturing company 
thus can be connected to its suppliers of raw material and its distributors through VPN. 

Security - the biggest challenge 

There is a consensus that the issue of computer and data security is the biggest hurdle in the growth of e- 
commerce. Web servers also face this security threat. Programs that run on a server have the potential to 
damage databases, abnormally terminate server software or make changes in the information placed there. A 
number of international organizations have been formed to share information and combat security threats 
to computers and computer networks. The names of two such organizations are worth-mentioning: 

Computer Emergency Response Team (CERT) 

-flF- Systems Administrator, Audit, Network and Security Institute (SANS Institute) 

The best response that the experts have come up with to tackle the security issue is in terms of 
cryptography. 

Cryptography 

Cryptography is the technique of converting a message into unintelligible or non-understandable form such 
that even if some unauthorized or unwanted person intercepts the message he/she would still not be able to 
make any sense out of it. Cryptography is thousands of years old. 

Techniques used for cryptography Substitution In substitution we replace each letter in the message with 
another to make the message non-understandable. For example, each letter “a” in the message can be 
replaced with letter “d” and letter “b” with letter “e” and so on. Transposition It is based on scrambling the 
characters in a message. A transposition system may first write a message into a table row by row then the 
message can be read and rewritten column by column to make it scrambled (see Fig. 3). 
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Fig. 3 


Historically, cryptography has long been used as a military technology. Julis Ceaser used a simple 
transposition cipher to scramble messages to give instructions to his commanders in the battlefield. 
Similarly, Hitler used Enigma encryption cipher to scramble messages sent by radio to German armies and 
u-boats during the Second World War. Cryptography has also been used for non-military purposes over the 
centuries. There are records of people using cryptography to protect religious secrets and to hide secrets of 
science and industry. In recent years, the use of cryptography in business and commerce appears to have 
surpassed its earlier use. It has made the rapid commercialization of internet possible. Without 
cryptography, it is doubtful that banks, businesses and individuals would feel safe doing business online. 
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CRYPTOGRAPHY 


Lesson 22 


Cryptography is a collection of mathematical techniques used to ensure confidentiality of information. The 
process of scrambling a message with the help of a key is called Encryption. The process of unscrambling a 
message using an appropriate key is called decryption (see Fig. 1). Keys are numbers or characters that are 
randomly generated with the help of some cryptographic algorithm. Pretty Good Privacy (PGP) is the name 
of a popular cryptographic system which is available for general public use. There are two types of 
cryptography - Symmetric and Asymmetric cryptography. 



Fig- 1 


Symmetric Cryptography 

In symmetric cryptography same keys are used for encryption and decryption. 

Asymmetric or Public Key Cryptography 

In this type a pair of public and private keys is used for encryption and decryption (Fig. 2). 



Fig. 2 


Digital/electronic signature 

An electronic signature means any letters, numbers, symbols, images, characters or any combination thereof 
in electronic form applied to an electronic document which can ensure authenticity, integrity and non¬ 
repudiation. It uses public key cryptography (Fig. 3). Authenticity means that the message is from a 
particular source/individual. Integrity means that the message has not been altered during transmission. 
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Non-repudiation means that the execution of the digital signatures cannot be denied by the one who is 
alleged to be the 



Fig. 3 


Digital certificates 

These are the certificates in electronic form which establish whether or not a public key belongs to the 
purported owner. A digital certificate at least comprises a public key, certification information (name, ID 
etc.) and electronic signatures of a certification authority. Digital certificates are prepared according to a 
generally accepted format called X.509 standard format. 

Certification authority (CA) 

A certification authority is defined to be a trusted public/private body that attests the association of a 
particular individual with his/her corresponding public key. A CA signs digital certificates with its private 
key. There are many CAs working in the field but the pioneering or the most reputed CA is Verisign which 
is based in America. 

Certification authorities work in a hierarchical fashion. There is the CA at the top called root CA (the most 
reputed CA). It can issue certificates to CAs working below it and those CAs’ can further issue certificates 
to CAs working under them. In this fashion a hierarchy of CAs is developed with each CA confirming the 



Fig. 4 


Assume that I want to send an encrypted or a confidential message to Mr. A. For that I need to know his 
public key. I can access a machine called key server and try to find his public key against his particulars 
(name, address, id etc). I may discover that a CA, CA1 below in hierarchy has issued a digital certificate to 
Mr. A against his particulars and has signed it with its private key. If that CA holds a reputation that I can 
trust it then I would rely upon that public key and use it for encryption. Otherwise, I should go up the 
hierarchy and see whether there is a certificate issued by CA2 certifying the public key of CA1. If that 
certificate is found then ideally I should go further up the hierarchy to check that the CA, above CA2 which 
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is root CA in this case has issued certificate to CA2 or not. In this manner I can check the certificates up to 
the root CA. 

If all the certificates in the chain are available, then it should provide me the maximum trust that this key 
actually belongs to that particular user. However, if the chain is broken or any certificate is missing in 
between that might cause a dent in my trust on that public key. I would then be hesitant to use that public 
key appearing to be that of Mr. A. It is all a web or the model of trust. The greater is the reputation of a CA 
the more trust I shall have in the certificate issued by it authenticating the public key of a user. The CAs at 
the top level of hierarchy carry more trust. So, if Mr. A has a certificate directly from the root CA, his public 
key would be most trust worthy. In case he has a certificate directly from Verisign, the most reputed CA in 
the world then I should have maximum trust that this public key must be that of Mr. A whom I know. I 
should have trust that if Verisign has issued the certificate it would have done detailed investigation before 
issuing it to Mr. A. His name, address, identification would have been properly verified or confirmed before 
associating a public key with him through the certificate. If you are obtaining a certificate from a top level 
CA, which is more reputed, you have to pay more to that CA. So Mr. A has to pay relatively more to the 
root CA if he wants to obtain a certificate directly from the root CA. There are different levels of 
certificates attaching different levels of trust with them. We may have class, A, B or C type certificates. A 
Class A certificate would have more trust attached to it. Of course, one has to pay relatively more to get a 
class A certificate from a CA as compared to class B or C. However, in class A, a greater level of 
investigation would be involved before issuing a certificate to someone. 

You may have noticed that the role of a Certification Authority is analogous or similar to a passport office. 
The issuance of passport by the passport office attaches credibility that this particular person is entitled to 
travel. However, the passport is not issued by the office until detailed enquiry/verification about the identity 
of the person is made. Once a person holds the passport, that confirms that this particular person whose, 
name, address etc. is appearing on the passport is entided to travel. Similarly, if a digital certificate is issued 
by a reputed CA that would confirm to other people that this particular public key certified by the CA 
belongs to this individual only. 

There is a reason why we use the concept of CAs. We use it for the verification of identify of a person. This 
is probably the best solution envisaged for such verification, though it may have certain loopholes in it. You 
can realize that the best thing is that Mr. A personally hands over his public key. On the other hand if I try 
to trace his public key against his particulars (name, address, and identification no.) on a key server there is a 
possibility that I end up discovering that there are three, four, five different public keys against the 
particulars of same Mr. A. Assume that all of them have been certified by different CAs. Now, I am 
confused that which of these is genuine so that I can use it. Indeed, only one of them is genuine and the rest 
are fraudulent keys registered by fraudulent people using particulars of Mr. A. In this situation I would use 
and rely upon that public key of Mr. A that has been certified by the most reputed CA among all the CAs. I 
would treat others as fraudulent. The objective of getting fraudulent keys is to intercept/receive the 
messages intended to be sent to a particular receiver. So, if someone intends to receive the messages 
delivered for Mr. A, he may register the key against his particulars and get a certificate in this behalf. Note 
that CAs are supposed to issue the certificate after proper enquiry, otherwise they may also be held liable 
under different laws. 

Despite the loophole that fraudulent keys can be obtained in this set up, this system of certificates is 
believed to be the best for confirming authenticity of a person. Imagine that I want to send an encrypted 
message to someone in Canada from Pakistan. It would not be practical that first I contact him in Canada 
and in some manner obtain his public key and then send him the message using that. It would be more 
convenient, practical and time saving that I go to a key server, find his public key against his particulars and 
check whether it is certified by a reputed CA. In other words if the certificate of a well respected CA is there 
to authenticate his public key then I can use that public key. Behind this system of certificates and CAs, the 
idea is to make internet communication global in nature such that the authenticity of individuals is also 
ensured at the same time. 
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HASH FUNCTION AND MESSAGE DIGEST 


Lesson 23 


There are two terms that you should note here — hash function and message digest. Hash function is a one¬ 
way mathematical function applied to a message. Result of the hash function is unique to each message 
called Message Digest. A message digest is a single large number typically between 128 to 256 bits in length. 
Thus, we can have up to 2 256 different messages each having a unique message digest associated with it. This 
gives rise to almost an incalculable figure. We can safely assume that each different message that can 
possibly be typed would have a unique message digest on applying a hash function. A hash function is said 
to be one way because we cannot go back to the original text on applying the hash function to a message 
digest. Basically, the concept of hash function and message digest is used to confirm the integrity of a 
message. Following is the example of a hash function that can be used in a code (no need to prepare it for 
exam) 

“char XORhash( char *key, int len) 

{ 

char hash; 
int i; 

for (hash=0, i=0; i<len; ++i) hash=hastDkey[i]; 
return (hash%101); /* 101 is prime */ 

}” 

Following example shows how a text message is encrypted and digitally signed using public key 
cryptography: 

First of all, the sender types a text message “Together, we shall make Pakistan strong...”. A hash function is 
applied on the message to get the message digest. Assume the message digest comes to be “1967...” in this 
case. The message is encrypted using public key of the receiver, thus it becomes scrambled or confidential. 
Then the sender adds his private key in the obtained message digest to create his digital signatures. This 
digitally singed message is received by the receiver, who applies the pubic key of the sender to decrypt the 
digital signature and reveal the message digest. Then the receiver uses his private key to unscramble the 
message itself, and applies the same hash function received from the sender to get a message digest. The 
receiver compares this message digest with the one sent by the sender through digital signature. If both are 
the same it ensures that the message has not been altered during its transmission. Figures 1-4 given below 
explain this concept: 


Public 



key 

Together, we shall make 


receiver 

Pakistan strong .... 


Private key 



sender 




^ 1967.... 



Fig.l 
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Pakistan strong .... 
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Fig. 4 


Process of Sending Messages Using Public Key Cryptography 


Fig. 5 below shows the working of the digital signature technology: 
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How Digital Signature Technology 
Works? 


The Process of Sending Messages Using Public Key Cryptography 


Hash I Public Key receiver 


Original 

4 

Message 




Private Key receiver) 


Scrambled+Signed 

Message 



Message Digest + Private Key of sender ^ Public Key sender to reveal Message Digest 


Fig. 5 

Note that following steps are involved in the digital signature process: 

1. Hash function is applied to the original message in order to find the message digest. 

2. Public Key of the receiver is used to encrypt the message. 

3. A digital signature is attached to the scrambled message by signing the message digest with 
Private Key of the sender. 

4. The encrypted message, the digital signature and the hash function are sent to the receiver. 

5. Public Key of the sender is used by the receiver to reveal the message digest and, thus, to 
confirm identity/authenticity of the sender. In this regard, the receiver finds the digital 
certificate certifying the public key of the sender and checks whether the digital signature can 
be decrypted with the public key on the certificate and whether or not this certificate had been 
issued to the sender by a trust-worthy certification authority. 

6. Receiver uses his/her Private Key to decrypt the message. Private Key is a secret key only 
known to the user. 

7. Receiver applies hash function to the received original message and computes the message 
digest. If this message digest matches with the one received from the sender, it confirms that 
the message has not been altered during transmission. This ensures integrity of the message. 

Note that a symmetric key can also be used for encrypting a message instead of using the pair of public and 
private keys. The advantage of using symmetric key is that since symmetric algorithms are faster as 
compared to asymmetric, therefore, the encryption of a message with the symmetric key takes place quickly. 
In order to send the symmetric key to the receiver, however, the asymmetric cryptography has to be used. 
PGP uses this system. See Fig. 6 below. 
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How Digital Signature Technology 
Works? 

The Process of Sending Messages Using Public Key Cryptography 



Fig. 6 


Where only the authenticity is to be ensured and not the integrity, then a name or a piece of text can be 
chosen to create the digital signatures. In Fig. 7 below, the word “Imran” has been used to create a digital 
signature which can commonly be used for all different messages. 

Note that a digital or electronic signature is believed to be more reliable as compared to paper signatures 
because it is not ordinarily possible to copy or forge an electronic/digital signature. But, that is very much 
possible in case of paper signatures. 
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Public Key Infrastructure (PKI) 

A PKI is defines as a structured system that provides key management facilities, storage and management 
facilities of digital certificates and involves a certification authority. PKI has its application in online 
contracts, e-banking, electronic payment systems such as electronic checks, credit card based systems, 
electronic cash, micro payment systems etc. 

Key Length 

A cryptographic key is represented as a string of binary digits — O’s & 1 ’s- inside a computer. If a key is 1 bit 
in length it means two possible keys, that is, 0 and 1. If a key is 2 bits in length it means four possible key 
values, 00, 01, 10 and 11. A Key having 3 bits length means 8 possible values 

000,001,010,011,100,101,110,111. From this, one can derive a general formula, that is, Number of keys = 

2 (number f bits) 
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Lesson 24 


SYMMETRIC KEY ALGORITHMS 

Cryptographic algorithms are measured in terms of key length. Following is the list of some popular 
symmetric key algorithms: 

^ DES (Data Encryption Standard) — 56 bits 

+*■ IDEA (International Data Encryption Algorithm (IDEA) — 128 bits 
^ RC2 — (block cipher) 1 -2048 bits 
RC4 (stream cipher) — 1-2048 bits 
^ Rinjdael - 128-256 bits 


Attacks on Symmetric Key Algorithms 

Following attacks have been reported on symmetric key algorithms: 
^ Key Search Attacks 
Cryptanalysis 
^ System-based Attacks 


Key Search (Brute Force) Attacks 

In this type of attack an attempt is made by the attacker to decrypt the message with every possible key. 
Thus, the greater the key length, the more difficult it is to identify the key. 

Cryptanalysis 

Encryption algorithms can be defeated by using a combination of sophisticated mathematics and computing 
power so that many encrypted messages can be deciphered without knowing the key. Such type of an attack 
is called cryptanalysis. 

System-Based Attacks 

In it the attack is made on the cryptographic system that uses the cryptographic algorithm without actually 
attacking the algorithm itself. 

Public Key Algorithms 

Following is the list some popular public key algorithms: 

DSS — Digital Signature Standard based on DSA (Digital Standard Algorithm) — 
key length is between 512-1024 bits 
^ RSA 

Elliptic Curves 

Attacks on Public Key Algorithms 
Key Search Attacks 

The public key and its corresponding private key are linked with each other with the help of a large 
composite number. These attacks attempt to derive the private key from its corresponding public key using 
that number. According to an estimate 1024 bit RSA public key may be factored due to fast computers by 
2020. Note that both symmetric and asymmetric algorithms are based on different techniques. In case of 
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asymmetric algorithms the increase in key length does not much increase the difficulty level for the attacker 
as compared to symmetric algorithms. Thus, a 128-bit RC2 symmetric key may prove to be much stronger 
than a 1024 bit RSA asymmetric public key. 

Analytical Attacks 

Such attacks use some fundamental flaw in the mathematical problem on which the encryption system itself 
is based so as to break the encryption. 

Quantum computing is the branch of computer science that deals with the development of cryptographic 
algorithms. It can also be used to find flaws in the cryptographic system/algorithms and to launch attacks. 

Electronic Payment Systems 

Most of the electronic payment systems on internet use cryptography in one way or the other to ensure 
confidentiality and security of the payment information. Some of the popular payment systems on internet 
include the credit-card based payment systems, electronic checks, electronic cash, micro-payment systems 
(milicent, payword etc.) 

The Process of Using Credit Cards 

It may be useful to see how payment is made through a credit card in the traditional sense. Fig. 1 below 
shows the steps to be followed in this regard: 


Card Holder .► 

Merchant 

2. Show 



Credit Card 

3. Authorization 



Fig- 1 


1. A potential cardholder requests an issuing bank in which the cardholder may have an account, 

the issuance of a card brand (like Visa or MasterCard). The issuing bank approves (or denies) 
the application. If approved, a plastic card is physically delivered to the customer’s address by 
mail. The card is activated as soon as the cardholder calls the bank for initiation and signs the 
back of the card. 

2. The cardholder shows the card to a merchant whenever he or she needs to pay for a product or 

service. 

3. The merchant then asks for approval from the brand company (Visa etc.) and the transaction is 

paid by credit. The merchant keeps a sales slip. 
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4. The merchant sends the slip to the acquirer bank and pays a fee for the service. This is called a 

capturing process. 

5. The acquirer bank requests the brand to clear for the credit amount and gets paid. 

6. Then the brand asks for clearance to the issuer bank. The amount is transferred from issuer to 

brand. The same amount is deducted from the cardholder’s account in the issuing bank. 

Note that in case of a credit card the issuer bank charges interest from the client at a specified rate on the 
amount lent. On the other hand, in case of a debit card no such interest is payable since the customer uses 
his/her own money in that case. 

Virtual PIN Payment System 

It is one of the earliest credit card-based systems launched for the internet in 1994 by a company; First 
Virtual Holdings, Inc. Virtual PIN system does not involve the use of encryption. Payment is made through 
the credit card in this system. The objective was to allow the selling of low-value information items without 
the use of any special client software or hardware. 

Both merchants and buyers are required to register with First Virtual (FV). A buyer registering with FV 
forwards his or her credit card details and email address to FV and in exchange receives a pass phrase called, 
Virtual PIN. Buyer makes a telephone call to FV to provide his/her credit card number. FV establishes a 
link between the Virtual PIN and the credit card number without using the credit card number on the 
network. A Merchant goes through a similar registration process. He provides his bank details to FV and is 
given a merchant Virtual PIN. The merchant can now request to process payments from registered FV 
customers. The transfer takes place with the help of Automated Clearing House (ACH) service. Note that 
an ACH is a centralized system to which different banks are electronically connected forming a network for 
clearing payment requests. At the end the payment proceeds from the credit card issuer bank to the account 
of the merchant with acquirer bank (merchant’s bank) through ACH, after FV deducts a per-transaction 
charge for its services. 

Fig. 2 below shows the working of Virtual PIN payment system. 


Buying with First Virtual 



Fig. 2 

A buyer browses the web server where FV registered merchant is selling goods. The buyer is asked to enter 
his/her Virtual PIN by the merchant site (step 1). Merchant queries the FV Internet Payment System 
Server (FVIPSS) to confirm Virtual PIN (step 2). If Virtual PIN is not blacklisted (step 3), the merchant 
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may acknowledge this fact to the buyer by email and sends the goods, and also sends transaction details to 
FV (steps 4 & 5). FVIPSS or simply FV server sends email to the buyer if the goods were satisfactory 
(step 6). There are three possible answers to that (step 7). If the answer is “accept” then the payment 
proceeds, in case the answer is “reject” it means that either the goods have not been received or the buyer is 
not satisfied with the quality of goods. Then the payment is not made to the merchant. If the answer 
indicates “fraud” it means that the goods were never ordered. In such an eventuality the FVIPSS 
immediately blacklists Virtual PIN so that it cannot be used in the future. 

Time period may be a few minutes to a few days for answering the email in step no. 6 above, otherwise 
FV shall proceed to arrange the payment. If a Virtual PIN has been stolen and the buyer does not 
indicate fraud within the time period for answering the said email the bogus transactions are possible 
before the Pin is finally blacklisted. A stolen credit card number can also be used to set up Virtual PIN 
associated with an email address controlled by the attacker to carry out bogus transactions. 
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Lesson 25 


VIRTUAL PIN PAYMENT SYSTEM 


A Virtual PIN can become compromised as a result of eavesdropping and bogus purchases are possible 
before it is blacklisted. Stolen credit card number can also be used to set up Virtual PIN associated with 
email addresses controlled by the attacker to carry out bogus transactions. After every 90 days buyer’s credit 
card account is billed for the charges that have accumulated and the merchant’s account is credited 
accordingly. FV does accounting for merchant and buyer; therefore, it takes a commission per transaction 
according to its policy. 

Advantages and disadvantages 

Simplicity and no encryption is the biggest advantage of this payment system, which means that no special 
software is needed at the frond end. This payment system is good for low-cost information items. 
Therefore, it is suitable for buying online articles/journals/music etc. where the cost of the items is not 
much. In that eventuality, only sales are lost rather than actual financial loss to the merchant if there is a 
fraud. In other words, only some extra copies of the information items are made in case of a fraud. On the 
other hand merchant is exposed to much greater financial loss if the purchase relates to the actual physical 
goods. One of the disadvantages of this payment model is that pre-registration of the buyer and the 
merchant with FV is mandatory in this set up. Moreover, maintaining a bank account (in case of merchant) 
and having a credit card (in case of a buyer) is also essential part of this system. One can say that the 
merchant side is less secured in the transaction because the goods are delivered by the merchant before the 
payment is actually received. The popularity of this payment system declined after 1998 mainly because of 
the introduction and development of encryption based payment mechanisms. 

Centralized Account Payment Model 


This is a popular payment system on the internet. In this both the payer (buyer) and the payee (merchant) 
hold accounts at the same centralized on-line financial institution. Over 20 payment systems use this 
approach e.g., PayPal, E-gold, Billpoint, Cybergold, Yahoo! Pay Direct, Amazon.com Payments etc. This 
model is shown in Fig. 1 below: 


User to user payment in centralized 


account systems 


Account ID Amount($) 


| Account System 

k @domainl.com 110 


,/ \ N^ 

i@domain2.com 15 

1. Payment transfer 

2. Email 

3. Web payment 

authorization over 

payment 

verification over SSL 

SSL / 

notification 

\ \ 

I User A 


1 User B 

A (Payer) 


(Payee) 


Fig-1 


On-line opening/funding of one’s account is done in a centralized bank using credit/debit card or prepaid 
cards. To make payment an account holder is authenticated using an account identifier and a password, 
account identifier of the payee and the payment amount. All communication between the user and the bank 
is protected using SSL (Secure Socket Layer), which is an encryption based protocol. The chosen account 
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identifier or the account ID is the one which is unique within the system against which the funds are lying 
in the online bank. Normally, the unique email addresses of the users are chosen as account identifiers. 
Payees are notified by email of the payment which they can confirm by viewing their account using SSL. A 
payee must open an account with the online centralized bank to receive the amount in case there is no such 
account already. In some payment systems which use this approach a question may be sent to the payee to 
verify his identity where the payer is not sure of that. For instance, Yahoo Paydirect allows a payer-specified 
question to be sent to the so called email of the payee. If the payer accepts the answer as proof of the 
correct identity of the payee the money is transferred otherwise the transaction is cancelled. 

The centralized bank (depending upon its policy) charges a transaction fees either from the payer, or payee 
or both on funding an account or withdrawing funds from an account or receiving payments by the 
payee/merchant. This payment model requires that all participants must have their account with the same 
central payment system/bank. Note that the payee can eventually withdraw the money received in his 
account in the centralized bank through Automated Clearing House (ACH). 

Electronic Checks 


Financial Services Technology Consortium (FSTC) is a group of U.S banks, research agencies and 
government organizations formed in 1993. It has introduced the concept of electronic checks. An electronic 
check contains an instruction to the payer’s bank to make a specified payment to a payee. Both, symmetric 
and asymmetric type of cryptography is used in this system. The payer and the payee are issued digital 
certificates in X. 509 standard format by their respective banks. These certificates are used to verify the 
digital signatures on the check. A bank may include account restrictions, maximum check value, or 
currencies allowed by the bank in the certificate. 


All individuals capable of issuing electronic checks will have an electronic check book device. An electronic 
check book device is a combination of secure hardware such as a smart card and appropriate software. A 
smart card is usually the size of a credit card having special software loaded on it. Information regarding 
secret/private key, certificate information and register of what checks have been signed/endorsed is 
normally stored in the smart card. Fig. 2 below shows the working of an electronic check in its typical 
format: 



Fi & 2 

A payer uses the electronic check book device in his computer system to generate a blank electronic check 
after filling the information regarding amount, date etc., and the electronic check is digitally signed by the 
payer through his private key. A certificate issued by the payer bank authenticating public key of the payer is 
also attached with the electronic check. This information is then sent to the payee in a secure envelope 
through email. A secure envelop is created when a user encrypts any information with a symmetric key, and 
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then that symmetric key itself is encrypted with the public key of the receiver. Accordingly, the payee, in this 
case, decrypts the secure envelop by first retrieving the symmetric key (by applying his private key), and 
then using that symmetric key to decrypt the information contained in the electronic check. The payee 
endorses (counter-signs) the check using some secure hardware device such as a smart card and forwards 
the check to the payee’s bank in the form of a secure envelop. The bank clears the check with the help of 
traditional Automated Clearing House (ACH). Accordingly, the account of the payer is debited and the 
payee’s account is credited. The banks send email statement to the respective parties. 

Depending on the availability of processing infrastructure, there are four different scenarios for the 
processing of an electronic check. These are shown below in figures 3-6. EFT stands for ‘electronic 
funds transfer 5 . 



Fig. 3 



Fig. 4 
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Fig. 6 
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E-CASH PAYMENT SYSTEM 


Lesson 26 


A company, DigiCash, has pioneered the use of electronic cash or e-cash. Anonymity of the buyer is the key 
feature of this system. There are three participants in it, namely, buyer, merchant and bank. Both, symmetric 
and asymmetric type of cryptography is used in this system. 

Buyers and merchants, both, have accounts in the E-cash bank. Buyers withdraw coins against their 
account and store them in e-cash wallet software (Cyber wallet) on their computer. Cyber wallet stores and 
manages coins and records every transaction. Merchant forwards coins to e-cash bank which ensures that 
these have not already been spent and credits the account of the merchant. 

E-cash Coins 

The currency used in this payment system is called an e-cash coin or simply coin. A coin consists of three 
elements or parts - serial #, key version and serial no. signed by the secret or private key of a certain 
denomination of the e-cash bank. In other words, a coin of one dollar would consist of the following: 

Coin = Serial#, keyversion, {Serial #}SK bank’s $1 key 

Each coin has a unique value, partly minted by the client and partly by the e-cash bank. 

Minting of the coin 

A long serial no. is randomly generated by the client’s Cyber wallet in order to mint a coin. This serial no. is 
blinded, which means that it is multiplied with a blinding factor “r” and sent to the e-cash bank for 
signatures. Thus, the e-cash bank cannot see the serial no. it is signing. Key version (corresponding public 
key of the bank) is also part of the coin, and is sent usually at the time of account opening. An e-cash bank 
may have 1 dollar signature, 5 dollar signature or 10 dollar signature etc. If the client wants to mint a coin of 
2 dollars then e-cash bank would use its private or secret key of 2 dollars to sign the serial no. 

How bank signs blindly? 

Cyberwallet generates a serial # and a blinding factor ‘r\ This blinding factor “r” is only known to the client. 
It is used in the following mathematical expression which is sent to the bank for signatures. 

Serial # . r e2 (mod m) 

Public key of the bank consists of modulus c m’ and a no. ‘e\ Bank signs with its secret key of 2 dollars (d2) 
such that: 

(Serial #. r e2 ) d2 (mod m)=Serial# d2 .r e2d2 (mod m) 

(Serial #. r e2 ) d2 (mod m)=Serial# d2 .r(mod m) 

The product of e2 and d2 cancel out each other due the property of inverse relationship of keys. Bank 
cannot see serial # it is signing since it does not know Y. The expression “Serial# d2 .r(mod m)” is sent back 
by the bank to the client, who divides it with “r” to get the third part of a valid 2 dollar coin as follows: 

Serail# d2 .r(mod m)/r=Serial# d2 (mod m) 

Thus, minting of a 2 dollar coin is completed. In a similar fashion one can withdraw or mint coins of 
different denominations. E-cash bank signs the serial nos. and debits the account of the client. A client must 
maintain his account with the bank. So, if a client has $ 50 in his account with the e-cash bank and requests 
for the coins of a total value of $ 10, the amount left in his account after bank’s signatures on the serial nos. 
would be $ 40. 
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Working of the E-cash model 

Fig. 1 below shows the e-cash model: 


E-cash Model 


• signs coins 

• user accounts 

• database 


Withdraw/ 
Deposit / 
coins/ 


Ecash Bank 


New Coins, 
statement 


Validate x 
+deposit 


Valid indication 


Client «- 

Wallet 

• stores coins 

• makes payments 

• accepts payments 


Pay coins 


Goods, Receipt 


Merchant 

Software 

• sells items 

• accepts payments 

• makes payments 


Fig-1 


Client wallet or cyber wallet can generate serial nos., store coins, make and accept payments. It can 
withdraw (get the coins minted) from the e-cash bank, and deposit coins at the payment stage to the bank. 
E-cash bank can issue new coins and send account statement to the client. On the merchant side, there is 
special merchant software. Thus, a merchant can sell items, accept payments from clients and also make 
payments. E-cash bank signs the serial nos., maintains accounts of the client and the merchant and also 
maintains a database in which the serial nos. of all such coins sent for payment are recorded. The client 
makes the payment to the merchant for the items bought. The payment is made through e-cash coins. Note 
that these coins are earlier got minted with the help of e-cash bank and remain stored in the cyber wallet. 
The coins are encrypted with the public key of the bank and are forwarded to the merchant for onwards 
deposit to the bank. The merchant cannot, therefore, view these coins. E-cash bank decrypts the coins 
using its corresponding private key and compares the serial nos. , thus revealed, with its database of spent 
coins to check the validity of the coins. If a revealed serial no. is not contained in the database, it proves that 
the coin is valid and unspent. The bank then sends the valid indication to the merchant and adds that 
particular serial no. in its database to prevent any chance of its being consumed in the future. The merchant 
then sends the goods and receipt of payment to the client. 
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E-CASH PAYMENT SYSTEM 


Lesson 27 


How anonymity is ensured in e-cash payment system? 

Anonymity in e-cash system means that the identity of the client/buyer is not disclosed. Note that there are 
two main stages in this payment mechanism — minting stage and deposit stage. At minting stage the serial 
no. is signed by the e-cash bank to provide third part of a valid e-cash coin. At this stage the bank knows as 
to who amongst its different account holders or clients is requesting for the bank’s signatures on the serial 
no., but it does not know the serial no. it is signing due to the blinding factor “r”. On the other hand, the 
reverse is true at the deposit stage (when the coins are sent to e-cash bank for checking validity). Now, bank 
knows the serial no. (it had earlier signed blindly at the minting stage) but has no clue about the specific 
client who has sent them for payment purposes. The bank may have issued coins to many of its clients. It 
would not be known to the bank at the deposit stage that who amongst them has done the shopping and is 
making the payment now. Thus, by scheme, the relationship between the client and the serial no. is broken 
at the minting and deposit stage to ensure anonymity of the client. This concept may also be illustrated as 
follows: 

Minting Stage 

Serial number (unknown) Client (known) 

Deposit Stage 

Serial no. (known) Client (unknown) 

Withdrawing Coins 

Many coins of different denominations can be obtained in a single request to the bank. 

The request is signed by the client with his private key and contains information about the serial nos. to be 
signed. The request is encrypted with a symmetric key and that symmetric key is encrypted with the public 
key of the bank, thus creating a secure envelope. The bank signs serial nos. in order to mint coins of 
requested denominations and forward them to the client/buyer. 

E-cash Purchase 

Having received an order the merchant sends a payment request to the client in the following format: 
Payreq= {currency,amount,timestamp,merchant_bank ID, merchant_accID, order description} 

Cyber wallet automatically assembles the correct payment amount and pays. 

Making the Payment 

Coins used in the payment are encrypted with bank’s public key, preventing the merchant to view them. 
Payment information is forwarded to the bank with encrypted coins during merchant’s deposit. Only hash 
of the order description is included in payment information preventing the bank from knowing the order 
details. 

Proving the Payment 

Payer code is a secret generated by the client. A hash of it is included in the payment information so that 
client can later prove the payment if need be. 
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Fig- 1 

For instance, the client may choose the word “Bluesky” as a code. By applying a hash function on this code, 
a message digest is obtained. Hash function and message digest are sent to the bank. In case a dispute arises 
and the payer has to prove that he had made the payment, he can forward the word/code “Bluesky” to the 
bank and request it to apply the hash function on it (which was earlier sent to the bank). If, on applying the 
hash function, the message digest comes to be the same as earlier available with the bank, it means that the 
person claiming to be the payer had succeeded in proving his payment, since only he was supposed to know 
the word “Bluesky”. 

Payment Deposit 

A deposit request encrypted with bank’s public key accompanies the payment information. E-cash bank 
maintains a database of spent coins. On receipt it checks whether the coin is valid and whether it has 
already been spent or not (to prevent double spending) by referring to its database. If the coins are valid the 
bank credits the merchant’s account. Thus, if the client has sent valid coins worth $10 for payment to the 
merchant, and the merchant already has $90 in his account then an amount of $ 10 would be added in his 
account making it $ 100. Later, the merchant can request the e-cash bank to transfer this amount in his 
account with the acquirer bank. This can be done through ACH and the merchant can physically withdraw 
the money form the acquirer bank. 

E-cash bank plays a backbone role in this set up and charges a specified commission for its services from 
the client and the merchant depending on its policy. 

Lost Coins 

In case network fails or computer crashes during payment transaction, coins might be lost. All signed 
blinded coins from last 16 withdrawals are sent by the bank to the client. Client uses the blinding factor 
known to its wallet to reveal the serial #. It then sends all serial nos. to the bank for its verification whether 
or not the coins have already been spent. After checking its database the bank credits the client’s account 
with the value of unspent coins. 
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E-Cash & the Web 

Fig. 2 below shows how e-cash payment system can be applied on the web: 


E-Cash & the Web 




Fig. 2 

Client wallet and web browser are installed on the client machine. Web server software and merchant 
software are installed on the sever machine. A client selects an order and web server starts the merchant 
software/wallet (steps 1 & 2). Payment request is made by the merchant software and the client wallet pays 
through e-cash coins (steps 3 & 4). Merchant deposits the coins to e-cash bank for checking validity (step 
5). If the coins are valid an acceptance message is made to the merchant following which the receipt of 
payment is sent to the client by the merchant (steps 6 & 7). Merchant software intimates the web server to 
send goods which acknowledges the fact to the web browser (steps 8 & 9). 
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Lesson 28 

SECURE SOCKET LAYER (SSL) 

SSL is a protocol developed by Netscape Communications. SSL is built into many browsers. It operates at 
the TCP/IP layer of the OSI model, and uses a combination of symmetric and asymmetric cryptography. If 
there appears the word “https” in a URL, (e.g, https://www.microsoft.com) it indicates that the web server 
hosting this web site is SSL enabled. So, if a client machine is configured for SSL then any exchange of 
information between such a client and the web server would be in the encrypted form. 

To configure a client machine for SSL following steps are required: 

Internet Explorer:Tools menu->Internet options->Advanced tab-> Security (use SSL option can be 
checked) 

SSL Handshake 

SSL supports a variety of encryption algorithm and authentication methods. The combination of algorithms 
and methods is called a cipher suite. When a client connects to an SSL server, the SSL handshake begins, 
which means that the two negotiate a cipher suite selecting the strongest suite the two have in common. 
Thus, the handshake establishes the protocols that will be used during the communication, selects 
cryptographic algorithms and authenticates the parties using digital certificates. 

To start the SSL handshake process, a client sends a message to the server, the server responds and sends its 
digital certificate that authenticates its public key. The client (customer’s browser) generates a secret 
symmetric key for the session. The client encrypts the secret key using the public key that it has just 
received and transmits it to the server. The server decrypts the message using its private key and now has 
the secret or symmetric key. Further communication between the customer’s browser and the merchant’s 
server can now be encrypted and decrypted using the secret session key. 

SSL is commonly applied in online shopping as the customer puts in his/her credit/debit card information 
on the web form for payment purposes. If the web client and the server are SSL enabled, the SSL 
handshake would begin when the client enters the URL starting with “https”. This handshake can be 
accomplished in seconds. The web form opens before the client. The client enters information in the text 
boxes of the form and on pressing ‘submit’ all such information is automatically encrypted with the agreed 
secret or session key. This secured/encrypted information travels across the internet and is retrieved by the 
server side where it is automatically decrypted with the help of same secret or session key. Even if someone 
intercepts the information, he cannot make any sense out of it because of encryption. 

The greatest advantage of SSL is its simplicity. Since SSL is built into many browsers, no special encryption 
software is required either on the client or the server side. However, a drawback of SSL is that the merchant 
can store credit/debit card information after decryption that can be accessed by unauthorized parties from 
the merchant’s database. 
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The process of SSL handshake is also explained in Fig. 1 below: 


SSL Client (browser) SSL Server 



Fig-1 

Secure Electronic Transaction (SET) 

The drawback in SSL that the credit card/debit card information remains with the merchant led to the 
development of a more sophisticated protocol called SET. It was developed in 1997 jointly by Visa, 
MasterCard, Netscape and Microsoft. There are four entities involved in a SET transaction — cardholder, 
merchant, and certification authority and payment gateway. The role of payment gateway is to connect 
entities on the internet with those which are not on the internet such as the electronic network of banks (see 
fig. 2 below). Payment gateway provides the security of data transmission to/from the acquirer bank. 
Merchants must have special SET software to process transactions. Customers must have digital wallet 
software that stores certificates and card information. 
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Fig. 2 


Dual Signature in SET 

SET hides customer’s credit card information from merchants and hides order information from banks to 
protect privacy. This scheme is called Dual Signature. 

A dual signature is created by combining two message digests and creating a new digest called Dual 
Signature Message Digest (DSMD). Fig. 3 below explains how the scheme of dual signatures is 
implemented in SET. 


Buyer/Bidder 


Offer for Items 

•Encrypted message includes 
amount offered on the item, 
but no account information 

•MD1 encrypted with Bidder's 


•Encrypted message authorizing private key 

payment to the auction 

house if offer is 

accepted, but no details 

about what item is bought 

•MD2 and DSMD 

encrypted with 

Bidder's private key 


Acquirer Bank 


•Decrypt account information with acquirer private key 
•Decrypt offer acceptance message with acquirer private 
key 

•Decrypt MD2 and DSMD with bidder's public key 
•Decrypt MD1 from step no. 3 with auction house's public 
key 

•Concatenate MD1 and MD2 

•Recompute dual signature and verify against DSMD sent 
by bidder 


Merchant 
Dr Auction house/ 


•Decrypt message 
with auction house 
private key 
•Decrypt MD1 with 
bidder's public key 
•Determine 
whether to 
accept bid 

•Encrypted 
message that 
offer is accepted(j3j) 
from bidder 
•MD1 encrypted 
with auction 
house's private 
key 


Fig. 3 
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SET software on the customer side splits the order information from the account information. MDI is the 
message digest obtained by applying hash function on the order information. MD2 is the message digest 
obtained by applying hash function on the account information. Both, MDI and MD2 are concatenated and 
a third message digest, DSMD, is obtained by again applying the hash function on the concatenated 
message digests. The order information or the offer for items is forwarded to the merchant/auction house 
in an encrypted form along with its message digest (MDI) signed with the private key of the buyer/bidder 
(step lb). The merchant/auction house decrypts the order information/offer and verifies the signatures of 
the buyer/bidder through his/her digital certificate (step 2). If the order/offer is acceptable to the 
merchant then the merchant signs the received MDI with merchant’s private key and sends it to the 
acquirer bank along with an encrypted letter of acceptance to the offer (step3). On the other hand, the 
buyer sends the text based account information (credit card details) to the acquirer in an encrypted form. 
The buyer also sends MD2 (message digest related to account information) and DSMD to the acquirer bank 
signed with his/her private key (step la). The acquirer bank decrypts this information. Mainly, the acquirer 
bank receives four pieces of information as follows (step 4): 

MDI from merchant/auction house related to order information 
^ Account information in encrypted form from the buyer 
^ MD2 related to account information from the buyer 
^ DSMD from the buyer 

Acquirer bank concatenates MDI and MD2 and applies the hash function to compute a message digest. 
Note that if this message digest is the same as the DSMD received by the acquirer, it ensures that a 
particular order information or offer is related to particular account information. At the same time, we have 
achieved our purpose that the order information should not reach the bank and the account information 
(credit card no. etc.) should not reach the merchant/auction house. 

SETCo. 

SETCo. is a company formed to lead the implementation and promotion of SET specifications It ensures 
that the vendors of SET software comply with the requirements laid down by its originators. A merchant 
holds certificate from card brand indicating that the merchant is authorized to accept credit card payment. 
The customer holds certificate from the card issuing bank. SETCo acts as a root certification authority in 
the certification hierarchy (see Fig. 4 below) 



Fig. 4 
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SSL vs. SET 


^ SSL only handles secured transmission of credit card no. but SET is designed to handle the whole 
transaction in a secured manner using dual signatures. 

SSL is a general purpose protocol built into the browser, whereas SET requires software on, both, 
the client and the merchant side. 

^ SET uses a hierarchy of certificates for authentication. 

^ SET is complex and distribution of certificates is sometimes not stable. 

SET increases transaction cost. 

SET transactions are slower than SSL. 

^ SET uses a payment gateway for secured transmission of information. 

E-Business 


An e-business is defined as a company/entity that has an online presence. E-businesses that have the ability 
to sell, trade, barter or transact over the web can be considered as e-commerce businesses. An e-business 
model is defined by a company’s policy, operations, technology and ideology. 

Advantages of E-business 


Some of the major advantages of an e-business as compared to a traditional business are as under: 


Personalized service 
High-quality customer service 
No inventory cost 
Worldwide reach of the business 

Electronic catalogues (convenient and quick transaction) 
Bulk transactions 

Improved supply chain management 
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E-BUSINESS 


Lesson 29 


Advantages of E-business 

Some advantages of an e-business are given as under: 

Personalized service 

Product, place, price and promotion are generally recognized as the 4 P’s of marketing in relation to 
traditional offline businesses. However, personalization is the 5 th C P’ added to the other 4 P’s when we talk 
about an e-business. In fact, the nature of internet technology is such that the information about the online 
customers including their buying behavior can be recorded in the databases. This information can be 
utilized by the e-commerce site to study the needs of a particular customer. Based upon that the site can do 
customization and provide a personalized service to the customer. 

High-quality customer service 

Customers can provide their feedback or register their complaints quite conveniently in case of online 
business as compared to offline business, and in light of that an e-business can improve its customer 
services. 

No inventory cost 

An e-business can have minimum overhead cost. You do not need to have any special physical place to start 
your business or hire any staff to operate the business as required in offline business. One can start an e- 
business as an intermediary or a middle man. In that case one does not require any warehouses for holding 
the inventory. An e-business can receive orders and get them fulfilled by procuring the ordered goods form 
open market without bearing the inventory cost. 

^ Worldwide reach of your business 

An online business has global reach. In a way people living anywhere in the world are potential customers 
of an e-business. Moreover, the e-commerce site is open 24 hours a day, so shopping can be done from 
there at any time. 

Electronic catalogues 

Electronic catalogues are used in case of an online shop. They have many advantages over paper catalogues. 
Therefore, online shopping can be done more quickly and in a more convenient environment. 

■flF" Bulk transactions 

One can do bulk transactions during one visit to an e-shop, since there is no limitation of collecting, 
packaging or carrying goods in contrast to shopping from a traditional offline shop. 

Improved supply chain management 

Typical members of a supply chain management are suppliers, manufacturers and end customers. If 
suppliers of raw material have online presence, the manufacturers can place emergency orders to them, 
which can be electronically/quickly processed on the supplier side. Thus, just in time delivery of raw 
material is possible without requiring the manufacturer to arrange for the accommodation to hold the 
inventory. Ultimately, the goods can be quickly delivered to the end customers due to the improved supply 
chain management. 
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Disadvantages of E-business 

Some disadvantages of an e-business are given as under: 

Less security 

The biggest obstacle in the growth of e-commerce is the issue of security. Internet is not a secured medium 
of communication. There are tools or options available to hackers whereby they can not only monitor but 
also control any data communicated over the internet. Particularly, people are not comfortable while 
providing their financial information (credit card no. etc.) online due to the fact that this information can be 
hacked and misused. 

Less privacy 

The nature of internet technology is such that private information of the online customers can be easily 
collected and recorded on the server side. The buying pattern of a customer can be known to an e-shop 
with the help of certain sophisticated tools. You know that cookies can be used to track customers online. 
On one hand these technologies are useful for doing customization but on the other, they can be said to 
have caused the breach of informational privacy rights of a person. 

^ No physical proximity with items purchased 

In certain cases the customers cannot decide about buying a thing before they can physically examine it. For 
example, a customer would ideally want to touch and feel the texture of a piece of cloth before buying. 
Similarly, a customer would actually want to smell a perfume before purchasing it. In the above or any 
similar case, people cannot expect to physically examine/test the thing while buying it online. Rather, they 
would prefer to buy such things from physical shops. An e-business has a limitation in this regard. 

Online catalogues vs. Paper catalogues 

Paper catalogs 

Advantages 

Easy to create a catalog without high technology 
& Reader is able to look at the catalog without computer system 
^ More portable than electronic catalog 

Disadvantages 

Difficult to update changes in the product information 
^ Only limited number of products can be displayed 

Online or electronic catalogs 

Advantages 

^ Easy to update product information 
^ Able to integrate with the purchasing process 
^ Good search and comparison capabilities 
^ Able to provide timely, up-to-date product information 
^ Can provide broad range of product information 
Possibility of adding voice and motion pictures 
^ Cost savings 
^ Easy to customize 
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Disadvantages 

^ Difficult to develop catalogues 

^ Large fixed cost if used for small no. of products 

4 ^ Need for customer skill to deal with computers and browsers 

E-Business Models 

Following are some popular online businesses that one currently finds on the web: 

Storefront Model 

It represents basic form of e-commerce where buyers and sellers interact directly. Merchants need to 
organize online catalog of products, take orders through their websites, accept payments in a secure 
environment and send items to the customers. They can also store and manage customer data in databases. 
A storefront model uses the shopping cart technology which allows customers to accumulate items they 
want to buy during shopping. This is quite popular in B2C transactions. 

Auction Model 

In this model there are auction sites to which the users can log-on and assume the role of a bidder or seller. 
As a seller, one has to specify the minimum price to sell one’s item (called reserve price), the description of 
the item and the deadline to close the auction. At the end of the auction, the seller and the bidder are 
notified by the auction site and the payment mechanism and delivery mode is worked out. Auction sites 
charge commission on sales. 

Online Banking 

There is an online bank providing banking services to the customers through internet including services of 
electronic funds transfer. 

^ Online Trading and Lending 

Online trading is buying and selling of stocks/shares of listed companies using internet. Many brokerage 
houses have established an online presence. Online lending is providing loan through an internet 
transaction. 

^ Online Recruiting 

Employers can recruit and job searchers can search for jobs effectively through online recruiting web sites. 

^ Online News Services 

Many newspapers/magazines have online presence, providing 24-hour updates. Online publishing is 
attractive because printing and distribution costs are not involved in it. 

Online Travel Services 

One can make travel arrangements online without going to travel agent. It is convenient and less costly. 
There are online businesses which help customers find discount fares for airline tickets, hotel rooms and 
rental cars or assist in case of lost luggage. 

^ Online Entertainment 

Internet technology can quickly provide information with high quality multimedia. Therefore, such e- 
businesses have emerged which sell music albums, movie tickets, video films etc. The content can be easily 
downloaded by the customer in this case. 
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-SF Online Automotive Sites and Energy Online 

Certain web sites allow users to search and purchase new and used cars and their spare parts. Also, there are 
sites where buyers and sellers can buy, sell and distribute energy (oil, electricity etc.) on the web. 

Selling Intellectual Property Online 

Some e-businesses deal in the sale of intellectual property rights of companies such as patents, trade marks, 
trade names etc. 

Online Art Dealers 


Artwork can be bought from the web at a discount, e.g pictures, paintings, posters etc. 

<P E- Learning 

Universities and various training institutes are offering high-quality distance education over the web. E- 
books and other reading material can be easily downloaded to one’s computer. Virtual University is an 
example of this type of business model. 

^ Online Service Providers 

These e-businesses help improve policies, procedures, customer service and general operations of other 
businesses. They can provide consultancy/professional services, for example, web site development 
services, online legal consultancy services etc. 

^P Online Shopping Malls 

Online shopping malls are those web sites which present customers with a wide selection of products 
and services at a single place. Thus, Instead of making several separate purchases, customers can use the 
mall’s shopping cart technology to purchase items from many stores in a single transaction. 

■^P” Portal Model 

Portals are the web sites which provide chance to the visitors to find almost everything in one place. 
Horizontal portals provide information about a very broad range of topics. Search engine is the 
example of a horizontal portal. Vertical portals provide information pertaining to a single area of 
interest. Community Portals such as those related to medical or legal profession are the examples of a 
vertical portal. Online shopping is a popular addition to the some portals such as ‘yahoo.com’. Portals 
allow users to browse independently owned storefronts unlike online shopping malls. 

Brick-and-Mortar vs. Click-and-Mortar businesses 

These two terms refer to the offline and the online businesses, respectively. Where a company is doing its 
business both online and offline, there is often the problem of lack of proper integration between the two 
different channels of business. 
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E-BUSINESS REVENUE MODELS 


Lesson 30 


Experts have identified following revenue models on the web: 

Web Catalogue Revenue Model 

Though the goal of an e-business can be to reduce cost or improve customer service, however, the primary 
aim of most e-commerce sites is to generate revenue and earn profit. This is the most simple and common 
type of e-business model for generating revenue. This model would use electronic catalogue and shopping 
cart providing access to customers throughout the world. Businesses using this type of a model include 
online sellers of computers, electronic items, books, music, videos, toys, flowers, gifts, clothes etc. Payment 
received from customers is the source of earning revenue. 

Digital Content Revenue Model 

Web serves as a very efficient distribution mechanism of content. Therefore, one finds many e-businesses 
that offer different types of information services such as legal information, corporate information, 
government information, news and resources for academic libraries etc. These services can be customized 
by an e-business for different firm sizes depending upon their needs and usage pattern. Normally, a 
customer has to subscribe to such services by paying certain amount as subscription fee. This fee becomes 
the main source of generating revenue for the e-business. Instead of subscription fee, a credit card charge 
option can be made available for infrequent users. Online journals, newspapers, libraries fall under this 
category. Note that E-publishing eliminates high costs of paper printing and delivery of digital content is 
much quicker. 

Advertising-Supported Revenue Model 

In this model service/information is provided free of any charge to certain audience and the advertising 
revenue is sufficient to support the operation of the business and its cost. For example, Yahoo portal 
provides useful information and a search engine free of cost, but earns revenue through advertisements on 
its portal web site to bear the operational cost. 

Advertising-Subscription Mixed Revenue Model 

In this type, subscribers pay a fee and accept some level of advertising. Thus an e-business can earn its 
revenue from both the sources, that is, through subscription and advertisements. On web sites that use this 
model, normally, the subscribers are subjected to much less advertising than they are on advertising- 
supported sites. For instance, in case of certain online newspapers, a customer has to pay subscription fee 
for certain services/information whereas some services are free of charge as they are supported by 
advertising. 

Fee-for-Transaction Revenue Model 


There are businesses offering services for which they charge a fee based on the number or size of 
transactions they process. The business provides information to the customers which is required to 
complete a transaction and revenue is purely earned on that basis. For example, online travel agents receive 
a fee for facilitating a transaction that includes the making of travel arrangement for their clients, as well as, 
advising them about lodging, transportation etc. Stock brokerage firms also use this model as they charge 
their customers a commission for each transaction of stocks/shares executed through them. 

Fee-for-Service Revenue Model 


This model does not relate to services provided by agents or brokers to complete a transaction (the above 
case). Rather, the fee is charged on the basis of value of some service rendered. Professional services 
provided online by lawyers, doctors, accountants etc. relate to this type of revenue model. E-businesses that 
provide online entertainment and online games are also the examples of this type. In case of online games, 


© Copyright Virtual University of Pakistan 


130 




E-Commerce - IT430 


VU 


visitors pay to the business either by buying and installing game software on their computers or by paying a 
subscription fee for playing online for a limited time. This earns revenue for the business. 

Internet Marketing 

Internet has opened a new door of marketing opportunity to the marketers. Consequently, a new branch in 
the field of marketing has developed very rapidly in the past few years known as internet marketing or e- 
marketing. This topic can be covered under following main headings: 

I Market Segmentation 
I E-mail Marketing 

i Banner Advertising 

& Promotions 
^ Public Relations 
^ Partnering 

i Customer Relationship Management 

i Creating Brands on the Web 

i Affiliate Programs 
^ Search Engines 

^ Global marketing 

I Market Segmentation 

Businesses need to identify specific portions of their markets in order to target them with specific 
advertising messages. The practice called market segmentation divides the potential customers into 
segments or groups. Segments are defined in terms of demographic characteristics such as age, gender, 
marital status, income level and geographic location. For example, unmarried men between 19-25 years of 
age may be called one segment. Traditionally, marketers have used three types of variables to define three 
different market segmentations, namely, geographic segmentation, demographic segmentation and 
psychographic segmentation. 

t Geographic segmentation 

In this type, customers are divided into groups on the basis of where they live or work. For example, urban 
and rural customers can be the two segments on the basis of geography. Different marketing plan would be 
required for each segment. 

I Demographic segmentation 

Here segmentation is done on the basis of demographic variables such as age, gender etc. Customers 
belonging to different age groups may have different product requirements. This type of market 
segmentation helps in identifying those requirements of different groups of customers. 

& Psychographic segmentation 

Here customers are grouped by variables such as social class, personality or approach to life or lifestyle. For 
example, a car manufacturing company may direct advertising for a sports car to customers who have a 
particular life style and like thrill in their lives. 

Variables used in different segmentations can be combined. So, income level can be combined with location 
to create a particular segment. 

^ Market Segmentation on the web 

Note that the concept of market segmentation is equally applicable to e-businesses as it applies to physical 
businesses. Moreover, one can easily provide a particular sales environment in case of an e-business as 
compared to offline business. In a physical store, one cannot easily change the environment for different 
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customer segments. Therefore, display options, lighting, music, sales persons remain the same for all 
customers groups in a physical shop. However, web gives opportunity to present different store 
environment online to different customer segments. So, a web site may have a web page for children with 
the right kind of web design for children, and have a different web page designed exclusively for the old 
people. In other words, web can easily and usefully provide separate virtual spaces for different market 
segments. Some web retailers allow their customers to create their own product. For example there are 
computer companies online that allow their customers to choose component of a computer to configure 
their own computer according to their need. This is called one-to-one marketing. 

( Behavioral segmentation 

Creation of separate experiences for customers based on their behavior is called behavioral segmentation. 
Three identified behavioral modes of the customers on the web are: 

Browsers — customers who just browse through the site with no intention of buying 
Buyers — customers who are ready to buy right away 

Shoppers — customers who are motivated to buy but want more information 

An e-business site should devise right combination of marketing strategy to lure visitors in different 
behavioral modes to become its customers. 

I Choosing a Domain Name 

Choosing a suitable domain name is the first thing to be considered at the start of an online business. Due 
to the worldwide nature of the web, choose a domain name that people coming form different 
countries/cultures will be able to recognize, remember and type easily. 

t Marketing Research 

It consists of interviews, paper and phone surveys, questionnaires, findings based on previous investigations 
etc. to find strengths and weaknesses of your business and the business of your competitors. It also includes 
the analysis of opportunities and threats to your business. In case of e-businesses, marketers have a faster 
option to find/analyze information about the industry, customers or competitors, because the information 
is just a few clicks away. This kind of marketing research can be extremely beneficial for the success of an e- 
business. 

I Web design 

Basically, the only interaction of an e-business with its customers is through the web site. So, a good web 
design is another very important factor for the success of an e-business. Note that in online environment 
the competitors of an e-business are just a few clicks away, so if your web site design is not catchy or useful 
enough the visitors might not wait and immediately switch to a competitor’s site. The cost of switching to 
competitors site is also very low in online environment. All this makes e-commerce very competitive. An 
internet marketer should particularly pay attention to the following considerations as regards web site 
design: 

Easy site navigation — give a site map 
Frequently asked questions (FAQs) section 
Conveniently located contact information 

Multimedia — use streaming video and audio — be aware the time each element takes to get loaded 
Privacy policy — outline the policy about intended use of customers personal details 
General outlook of the web site should be attractive making it sticky 
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E-MAIL MARKETING 


Lesson 31 


E-mail marketing campaigns are cheap and effective way to target potential customers. E-mails can 
instantaneously convey a marketing message to customers at distant areas. Personalized direct e-mails target 
customers with specific information — name, right product at the right time, special promotions etc. When 
your e-business is doing global marketing, e-mails can be first translated into proper languages as a 
personalization measure using specific translation software. Personalization technology (data mining) can 
also improve response rate tremendously. Where an e-business lacks resources for doing e-mail marketing 
on its own, it can outsource such campaign to outside firms. For instance, outsourcing services should be 
used when direct e-mailing becomes too difficult to manage and there is inadequate staff or technical 
support at the e-business level itself. 

E-mails can be used to improve customer service by adding an e-mail link to your web site. Thus, you can 
receive your customers’ complaints through e-mails. It should be ensured that your e-business is capable of 
handling expected volume of e-mails; otherwise it can bring poor reputation to your business when you 
receive complaints through emails but are unable to respond. Another advantage with emails is that they 
can be automatically sorted and sent to the relevant persons. E-mails can be used to inform customers 
about their order/shipment status etc. Internet mailing lists can also be conveniently used to send targeted 
personalized emails. You can also provide the “opt-in e-mail” option to your customers on your web site. If 
they opt for it, this means that they want to receive through email any product information, offers or 
promotions etc. in the future. Spamming is a term used to refer to mass e-mailing to customers who have 
not expressed any interest in a specific product or service. In different countries, spamming has been 
declared as an offence. E-mails can be combined with traditional direct marketing. Telemarketing (live 
interaction through telephone) and e-mails can be combined to reach prospective customers. Similarly, 
direct mailing and e-mails can also be combined. 

Promotions 

E-business promotions can attract visitors to your site and induce them to purchase. Promotional messages 
can be sent both online and offline. Some popular promotional methods are as under: 

Frequent-flyer miles 

The online business has a contract with an airline such that the customer of the business earns specific miles 
from the airline free of charge if he purchases from the online business items up to a certain value. 

Point-based rewards 

On the performance of a pre-specified action, customers can be entitled to point-based rewards — t-shirts, 
mugs etc. with the company’s logo etc. 

Discounts 

Discount advertisements through magazines, newspapers, web sites etc. can attract new and repeat 
customers. 


Free-trials 

Customers can sign up for a free service. For example, they can be allowed to download software for certain 
days free of cost on trial basis before buying it. 

Free shipping 

Shipping cost may not be charged on the delivery of certain items as an incentive for the customers. 

Coupons 

Online coupons are placed on certain popular sites to attract customers for online shopping. They can use 
these coupons for shopping through specific web sites. 
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E-Business Advertising 

Advertising is an attempt to disseminate information in order to effect a buyer-seller transaction. It is an 
impersonal and one-way mass communication paid for by the sponsors. Televisions, movies, newspapers 
and magazines are traditional ways for e-business advertising. On the other hand, Telemarketing and Direct 
marketing are attempts to personalize advertising in order to make it more effective. For e-business 
advertising it is important that your brand is unique and easy to remember. Publicizing URL on direct mails 
or business cards can increase brand awareness. 

Banner Advertising 

Web page banner ads are like small billboards containing graphics and an advertising message. These 
advertising messages are placed on popular web sites (host sites) which are frequently accessed and thus 
those who access a host site can look at the banner/advertising message and come to know about the 
brand/business which is advertising itself through the host site. The host site charges certain fee for 
providing space to the banner on its web site and thus generates income/revenue. This concept therefore is 
mutually beneficial for both the parties. Banners have different sizes and are placed on different positions 
on the web site. Banners can be simply for viewing as well as having link to the home page of the product 
or service. Business logo on a banner may increase brand recognition. Flashing, scrolling text, pop-up boxes 
and color changes grab viewer’s attention. So, these techniques can effectively be used for creating a banner. 
As a marketer you should note how many ads the host site already carries. Also, note which position has a 
better chance of click through. There can be specific times for banner advertisement. Banner advertising 
space can be expensive for peak traffic times. Exchanging banners with another site is also an option. Some 
sites carry banner ads for free. For example, a business selling computers can host the banner of business 
selling computer books free of charge. These are related businesses which support each other so there can 
be an indirect benefit to the computer business for carrying the banner of computer books business in the 
sense that the latter is likely to spread more awareness about computers. 

Advertising payment modes 

Following payment modes can be accepted between the parties: 

Monthly charges for online advertising 

Cost per thousand (CPM) — fee for every thousand people viewing the banner 
Pay-Per-Performance that includes: 

Pay-per-click — fee according to no. of click to your site 
Pay-per-lead — pay for every lead generated from the advertisement 
Pay-per-sale — pay the host for every sale resulting form a click through 
Exchanging advertising space on your site for advertising space on another’s site 

Note that the log file of the web server where the advertising web site is hosted contains a column in which 
the IP address of top-referring web site is recorded. Thus by studying the log file it can be found that how 
many visitors were diverted to the advertising site from the host web site (top-referring web site). 

Web casting 

Web casting is a term used to refer to internet-based broadcasting of audio and video content. It can 
provide two-way communication between the broadcaster and the listener or viewer. Marketers should 
consider some people may have slow internet access. Video conferencing is an example of web casting. For 
example, using this technique, doctors sitting in China, England and Pakistan etc. can, in real time, exchange 
and benefit from each other’s ideas as if they are physically holding a meeting. 

Interactive Advertising 

It uses a combination of rich media (such as audio, video, animations) and traditional forms (such as print, 
TV or radio ads) in order to involve customers in advertising process to increase brand recognition. For 
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example, there is a famous business that uses this marketing technique. Its TV commercial 
induces/encourages viewers to access its website from where customers can select/download various action 
pictures and background music. Thus, by involving a customer in the advertising process itself, it attempts 
to increase its brand recognition for the customers. 

E-business Public Relations 

Public Relations (PR) keeps the customers and employees of a business current or updated as regards 
information about products, services and internal and external issues such as any promotional activities, new 
products, customer reactions etc. Following different modes can be used to disseminate information: 

* Press releases 
I Speeches 

I Special events — seminars, video conferencing etc 
I E-mails 
I Chat sessions 

i Bulletin board — people can post comments 
& Presentations/exhibitions 

Press releases can provide information about current events and other important news to the press or media 
via internet. There can be a press release section of your online business which can be accessed through a 
hyperlink. Moreover, video clips of news appearances, speeches, commercials can also prove to be an 
effective way of publicity. 
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Lesson 32 

CUSTOMER RELATIONSHIP MANAGEMENT (CRM) 

The sum of a company’s customer service solutions constitutes its customer relationship management 
(CRM) system. Level of traffic at the online business site and the available resources would normally 
determine whether or not a business should have CRM. It provides fast and effective service to customers 
and ensures that corrective measures are readily in place. CRM includes call handling, sales tracking and 
Transaction support (technology/personnel etc.). Three tools can be used to improve customer service, that 
is, log file analysis, cookies and data mining. Under CRM system, call centers can be set up having customer 
service representatives who can be reached trough phone, e-mails or online chatting. There are software 
tools or tracking devices that can provide feedback on how many number of internet users actually viewed a 
banner or a marketing message and how many actually clicked on the advertisement. Log files consist of 
data generated by site visits and include information about each visitor’s location, IP address, time of visit, 
frequency of visits etc. There are businesses that provide the services of analyzing web log files. The results 
would show how effective your web site is and indicate the top-referring web sites. You know that cookies 
allow e-commerce sites to record visitor behavior. They can be used to track customers online and do 
personalization. Many customers do not know that their information is being collected and used by the e- 
business site. Thus, informational privacy rights of customers can be breached in cases where cookies are 
used. 

One major goal of CRM is to establish a long-lasting relationship between a company and its customers. 
Good customer services can help in building a sense of loyalty towards company and its products or 
services. Experts have pointed out five stages of loyalty as customer relationships develop over a period of 
time. One can find that the intensity of relationship increases as the customer moves through the first four 
stages. In the fifth stage a decline occurs and the relationship terminates. 

See Fig. 1 below: 



Time 


Fig-1 

Let us briefly examine these stages: 

t Awareness 

This is the first stage where customers recognize the name of the company or any of its products. However, 
they have never interacted with the company before. A company/business can achieve this level by properly 
advertising its brand. 

^ Exploration 

At the exploration stage the potential customers know more about the company or its products. For 
instance, they may have visited the web site of the company and have exchanged any information with it. 
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I Familiarity 

At this stage, customers have completed several business transactions with the company and know its 
policies regarding refund, privacy of information, discounts etc. 

& Commitment 

Having completed a number of satisfactory transactions, some customers may have developed a strong 
sense of loyalty or preference for the products or brand of a company. They are said to be at the 
commitment stage in their relationship with a business. Such loyal customers often tell others about their 
satisfaction as regards products/services offered by the company. Sometimes, companies make concessions 
on price or other terms of business to bring customers into this stage. 

& Separation 

After a period of time those conditions over which a valuable customer relationship is established might 
change. Customers might not be any longer satisfied with the product quality or customer service. On the 
other hand, a company may also find that a loyal customer is proving to be very expensive to maintain. 
Thus, the parties enter into the separation stage. Note that the objective of any marketing strategy is to 
bring the customers quickly to the committed stage and try to hold them there as long as possible. 

Life Cycle Segmentation 

These five stages are also called customer life cycle. Using them to create groups of customers is called 
customer life-cycle segmentation. Segment information is useful for companies to develop better 
relationship with the customers. Companies, thus, know about their customers and their level of 
relationship with the company, and can customize their product/service. 

B2B Marketing on the Web 

For effective CRM, it is necessary that there is complete integration between different steps in a customer 
transaction. So, the processes of selling, buying, marketing, front-end and back-end operations should be 
fully linked and integrated with each other. 

Key difference between B2C and B2B is that in case of B2B there is no direct contact with the end users, 
whereas this contact exists in B2C. Thus, an e-business can have direct response or feedback from its 
customers in B2C as compared to B2B. For example, an online business that deals in the supply of raw 
material to an online manufacturing business has a very limited chance of receiving direct feedback from 
end customers about its product/services due to lack of contact with them. That is one reason why a 
marketing plan is different in B2B from B2C. 

Search Engines 

A search engine is a program that scans web sites and forms a list of relevant sites based on keywords or 
other search-engines ranking criteria. It allows people to find information about their area of interest out of 
large amount of information available on the internet. Examples of famous e-businesses that provide search 
engine facilities are google, altavista, yahoo etc. As a marketer, after you have launched your e-commerce 
web site, you should look for the registration of the same with popular search engines so that your site 
appears on search engine results. 
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META INFORMATION 


Lesson 33 


You know that a Meta tag contains the key information of a web page. This Meta information is used by a 
search engine to locate and rank the web site. You provide your Meta information to a search engine, pay its 
prescribed registration fee and get your site registered with the search engine. Search engine puts this Meta 
information in its database. When a searcher types key words in the search engine text box, these key words 
are matched with the Meta information recorded in the database of the search engine. 

Different search engines have different ranking criteria. Normally, those sites are ranked at the top by the 
search engine software where maximum keywords typed by the user match with the recorded Meta 
information of the site, as well as, such words appear in greater frequency in the Meta information. Some 
search engines search the entire internet each time. Many search engines rank the site by using a program 
called ‘spider’ which inspects the site before ranking. You know that one can view Meta information of 
one’s competitor’s web site. This information can be incorporated and misused by an e-business in its web 
site representing that to be its Meta information. Thus, such a business can improve its ranking on search 
engines by capitalizing upon the reputation of the business whose Meta information it actually is. In many 
countries, stealing and misusing Meta information in this manner to gain business/competitive advantage is 
considered as an offence known as the tort of passing-off. 

Partnerships 

Partnering means to form a strategic union with another company/business for mutual benefit or profit 
sharing. Partner businesses can provide complementary services and products to their customers and thus 
benefit each other. For example an e-business selling computer science books having a link to an e-business 
selling computers and vice versa can enter into a partnership for mutual advantage. Competitive advantage 
to both the businesses in this arrangement is that the customers are a link away from buying a 
complementary product/service. Thus, a person buying a computer from one site can be induced to buy 
computer science books from the partner’s web site. Moreover, partners can exchange technical research or 
customer information. They can help each other in improving respective management or operations. 
Outsourcing a job to a partner can also be useful. 

Affiliate Programs 

An affiliate program is an agreement between two parties that one will pay the other a commission based on 
a specified customer action. It is not a strategic union as is partnership. Rather, it is for limited purpose and 
time. Banner advertising is the example of an affiliate program. 

Branding 

A brand refers to an emotional shortcut between a company and its customers. You can say that it is the 
trade name/symbol that reminds customers about the reputation of a company regarding its products or 
services. 

Elements of Branding 

Researchers have identified three elements of branding, that is, 

^ Differentiation 
Relevance 
Perceived Value 

Product differentiation 

Product differentiation is the first condition to be met in order to create/establish a product/service brand. 
It means that a company must clearly distinguish its product from all others in the market in some 
significant way so that the product/service is different from that of its competitors. For example, you can 
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create/establish your brand on the basis that the soap manufactured by your business is unique in the 
market in the sense that it does not dissolve quickly in water. 

Relevance 

Relevance means to what degree is the product/service useful for potential customers. For example, you 
may have designed very distinguished jewelry but very few people use or purchase the same. In fact, it may 
prove to be too costly for most people to buy. Note that your product/service should be capable of easily 
relating itself to the people. 

Perceived value 

A product/service may be different and relevant (customers can see them using it), still they would not buy 
unless they find some perceived value in it. For example, a restaurant may be selling a unique dish that 
relates/associates itself to the taste of majority of people; still they may not be inclined to buy it because of 
certain negative associations, such as its high fat content. 

Thus, to create or maintain a brand the above three elements have to be fulfilled. 

Emotional branding vs. rational branding 

In case of television, radio or print media people are normally in a passive mode. To a greater extent they do 
not control the communication channel and thus have to listen or view the advertisement about a brand. 
This is a type of emotional branding. On the other hand, emotional appeals are difficult to covey on the 
internet because web is an active medium largely controlled by the customers, which means that they can 
easily click away from any such emotional appeals. Therefore, rational branding is normally used to create or 
maintain brands on the web. Here, businesses offer something interesting or valuable to visitors in exchange 
for viewing the advertisement. For example, a free email account with storage space can be offered through 
some web pages, and on each such page (that offers this email service) the visitors have to see an 
advertisement about the brand. 

Note that transferring existing brands to the web or using the web to maintain an existing brand is much 
easier and less expensive as compared to creating an entirely new brand on web. One common way of 
popularizing the brand of a business on the web is to provide its URL on product packaging, 
advertisements on TV or print media etc. One can also combine the URL with logo of a company on 
brochures, visiting cards etc. in order to popularize the brand. 

Global Marketing 

As a marketer, when you are aiming at marketing your business in the entire world, you have to keep certain 
considerations in mind. Your web design must provide content in various languages and provide prices in 
various currencies, so that people belonging to different countries/cultures can understand the information 
contained in your web site. A regular display of currency exchange rate information can be useful in this 
behalf. Today, tools exist that can translate emails and your web sites into different languages. Another 
important consideration should be as to whether the country where you are doing the business has the 
required infrastructure to support your e-business. For example, whether you have a proper distribution 
channel of your products in a country you are doing business in. Similarly, you should carefully choose a 
payment system for your e-business which is compatible with the environment of a country where you are 
doing business. For example, a payment mechanism using SET cannot be considered as compatible with 
business environment in most of the third world countries. 


© Copyright Virtual University of Pakistan 


139 




E-Commerce - IT430 


VU 


DATA MINING 


Lesson 34 


Data Mining can be defined as the task of discovering interesting patterns from large amounts of data, 
where the data can be stored in databases, data warehouses, or other information repositories. 

Data mining has a lot of business application in today’s world. We can identify the behavior of our 
customers and can effectively target them with personalized messages using data mining techniques. 
Assume that there is a shopping store where the data/information about customers has been 
recorded/stored over a period of time. Using a data mining technique on the customers’ data, certain 
pattern can be generated that can provide useful information. For example, this pattern may tell us that 
people having a certain demographic profile (age over 20 years and sex male) coming from a particular 
location have shown inclination to buy computer related items. It is an interesting clue for the marketers. In 
case there is a computer related item that is to be marketed in future, then marketing effort in this behalf 
should be focused on such persons instead of sending marketing messages at random. In other words, 
persons indicated by the pattern are the ones who are likely to respond to this kind of marketing initiative. 
Thus, if a company follows the pattern it can save time, energy and mailing cost. 

Data warehouse 


A data warehouse is a repository for long-term storage of data from multiple sources, organized so as to 
facilitate the management for decision making. Fig. 1 below shows how data collected at different sources is 
cleaned, transformed, integrated and loaded in a data warehouse from where it can be accessed by clients 
for data mining and pattern evaluation. 



Fig. 1 

Knowledge discovery 

A knowledge discovery process includes data cleaning, data integration, data selection, data transformation, 
data mining, pattern evaluation and knowledge presentation. 

Fig. 2 shows the knowledge discovery process: 
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Fig. 2 


Note that data mining is a step in the overall knowledge discovery process. Data must be cleaned, 
transformed, selected and integrated before data mining is performed. Data cleaning means that missing 
values should be provided in different fields/columns wherever needed and any impossible or erroneous 
values should be substituted by correct/reasonable ones. For example if the age of a person is typed as 
1000 years in the column ‘age’ then an average age value can be put in its place. Where there are quite a few 
erroneous or missing values in a row, then that row can be discarded/deleted altogether. This process is 
called data selection. In data transformation, the data from all different sources is converted into the same 
format. For example, date typed under a column should be in the same format in the entire data collected 
through different sources. In data integration, data from all the sources is assembled or integrated into one 
and housed in the data warehouse. Now, this cleaned, transformed, selected and integrated data is fed to the 
data mining tool from a data warehouse for data mining purpose. The results/ patterns are evaluated by 
managers and useful knowledge is thus gained. Note that almost 80% of the total time used in a knowledge 
discovery process is spent on just making the data fit for mining, that is, data cleaning, data transformation, 
data selection etc. 

Types of Data Mining 

There are four main types of data mining as follows: 

Classification 
^ Association 
^ Characterization 
^ Clustering 

Classification and association are predictive types of data mining while characterization and clustering 
represent the descriptive type. 

Classification 

It allows you to have a predictive model labeling different samples to different classes. The results of this 
type of mining/model are represented as (if-then) rules, decision trees, neural networks etc. Two important 
algorithms used for this type are ID3 Algorithm, and Bayesian classification. Decision tree is a graphical 
representation of the if-then rules. Fig. 3 below shows the result of classification in the form of a decision 
tree. Initially, the whole data is divided into two sets — training data and test data. 
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In the example below, ‘sex’ is the target attribute/variable with males and females as the two classes. When 
no mining is done and values are picked at random, we find that males are 55% and females 45% in the 
training data. With a variation of 1 or 2 % the test data indicates a similar result. Classification algorithm 
may find the variable ‘age’ as the best predictor of males such that when the age is between 20 and 25 years 
the percentage of males rises to 60% in the training data and 59% in test data. Similarly, education and 
annual income can be discovered as other predictors for males, and so on. Thus, you can find a pattern that 
when age is between 20 and 25 years, and education is matric or below and annual income is less than one 
lac (assuming that the model ends at annual income), then there is a 65% probability (in the training data) 
and 64% probability (in the test data) that the sex of a person would be male. Similarly, a pattern for 
predicting females can also be obtained. Note that by using classification mining your probability of 
reaching males has increased from 55% (when no model is used) to 65% when the model is applied. Hence, 
if you want to launch/market a product for males and target them, you can use the model or pattern dug 
out through classification mining. Following this model there would be 65% chance that your message 
would reach the desired class of persons (males). You can send marketing messages to persons having the 
above profile to increase response rate. It would save time, energy and mailing cost. 


In another example, three classes in a sales campaign may be ‘good response’, mild response’ and ‘no 
response’ and different features of items such as ‘price’, ‘brand’, ‘category’ etc. can be found as predictors by 
the algorithm. 



Fig; 3 

Note that we split data into training and test data to judge the effectiveness of a rule, which means that a 
rule (for example, age>=20<=25 years) is picked up as such by the tool only if the test data also confirms 
the same rule with a variation up to lor 2 % etc. The model is practically applied and the results are analyzed 
to calculate the efficiency of the tool/model. 

Efficiency = actual/theoretical* 100 


In case after applying the model we actually reach 50% males whereas the predicted value was 66% (we 
take the figure in test data for calculation) then 

Efficiency = 50/66*100= 75.75 % 
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The decision as to whether or not the same model should be used in the future would depend upon its 
efficiency. Normally, efficiency of a model close to 80% is considered as a good value. 

Association 

Association analysis is the discovery of association rules showing attribute-value conditions that occur 
frequently together in a given set of data. It is widely used for market basket analysis. For example, where 
we are recording sales of a big shopping store in databases, then by applying association mining we may 
discover that certain items have a strong bondage or affinity with each other such that when one item is 
purchased the other is purchased, too. Apriori algorithm is used for association mining. 
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CONFIDENCE AND SUPPORT 


Lesson 35 


There are two terms/measures used in association, that is, support and confidence. Confidence’ is a 
measure of how often the relationship holds true e.g, what percentage of time did people who bought milk 
also bought eggs. Support means what is the percentage of two items occurring together overall. 
Mathematically, they can be expressed as follows if we take the example of eggs and milk: 

Confidence = Transactions (eggs+milk) 

Transactions (eggs or milk or both) 

In case no. of transactions involving eggs and milk are 25 and those involving eggs or milk or both are 75 
then confidence is 25/75*100=33.3% 

Support = Transactions (eggs+milk) 

Total no. of transactions 


In case no. of transactions involving eggs and milk are 10 and total no. of transactions in a day are 50 then 
support is 10/50*100 = 20% 

Suppose if confidence is 90% but the support is 5%., then we can gather from this that the two items have 
very strong affinity or relationship with each other such that when an item is sold the other is sold together, 
however, the chance of this pair being purchased out of the total no. of transactions is very slim, just 5%. 
One can adjust these measures to discover items having corresponding level of association and accordingly 
set marketing strategy. So, if I feed the data to the association mining tool and specify the percentage of 
confidence and support, it will list down the items that have association corresponding to these percentages. 
Results of association mining are shown with the help of double arrows as indicated below: 

Bread Butter 

Computer Furniture 

Clothes Shoes 

Using the result of association mining, a marketer can take a number of useful steps to set or modify 
marketing strategy. For example, items that have closeness/affinity with each other can be shelved together 
to improve customer service. Certain promotional schemes can be introduced in view of the association 
mining result etc. 

Characterization 


It is discovering interesting concepts in concise and succinct terms at generalized levels for examining the 
general behavior of the data. For example, in a database of graduate students of a university the students of 
different nationalities can be enrolled in different departments such as music history, physics etc. We can 
apply characterization technique to find a generalized concept/answer in response to the question that how 
many students of a particular country are studying science or arts. See the following example: 


Student name Department 

Imran History 

Alice Physics 

Ali Literature 

Bob Mathematics 


City of residence 

Karachi 

London 

Lahore 

Toronto 


In the above example, characterization tool can, for that matter, tell us that 02 Pakistani students are 
studying arts. Note that the concept of location and the field of education are generalized to Pakistan and 
arts, respectively. 


The two algorithms used in characterization are Version Space Search and Attribute-Oriented Induction. 
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Clustering 


A cluster is a group of data objects that are similar to another within the same cluster and are dissimilar to 
the objects in other clusters. For example, clusters of distinct group of customers, categories of emails in a 
mailing list database, different categories of web usage from log files etc. It serves as a preprocessing step 
for other algorithms such as classification and characterization. K-means algorithm is normally used in 
clustering. In the example below you can see four clusters of customers based on their income level. K- 
means algorithm displays the result in the format as shown in Fig. 1 below: 



Fig-1 


Online Analytical Processing (OLAP) 


OLAP makes use of background knowledge regarding the domain of the data being studied in order to 
allow the presentation of data at different levels of abstraction. It is different form data mining in the sense 
that it does not provide any patterns for making predictions; rather the information stored in databases can 
be presented/ viewed in a convenient format in case of OLAP at different levels that facilitates decision 
makers or managers. The result of OLAP is displayed in the form of a data cube as shown in Fig. 2 
below: 



Fig. 2 
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Note that in the above diagram, time, item type and location are the three dimensions. OLAP data cube 
indicates the sale of 605 and 825 units of furniture and computers, respectively, in the first quarter of the 
year in Lahore, 440 units of furniture and 345 phone sets in Karachi in the first quarter, respectively, and 
400 grocery items in Lahore during second quarter. Results can be displayed through data cube against more 
than three dimensions. For instance, variables, warehouse’ and ‘customer type’ may also be added as 
dimensions to view the sale results. OLAP tool allows the use of different processes, namely, drill-down, 
roll-up, slice, dice etc. Using drill-down we can further dig the data to receive some specific information. 
For example using that I can find the sale of furniture in a specific month of the first quarter, say, February. 
Roll-up is the reverse of drill-down. In it we can sum-up or integrate the information in a particular 
dimension to show the result. For example the sale of furniture or computers in a particular year (rather 
than a specific quarter) can be viewed using roll-up. Similarly, through slice and dice information can be 
presented which is specific to certain dimensions of the data cube. 

SAS (Enterprise Miner) and DB miner are the names of two commonly used tools for data mining and 
OLAP. Note that characterization can be used in respect of any data type whereas OLAP is generally used 
for numeric data alone. 
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Lesson 36 

ELECTRONIC DATA INTERCHANGE (EDI) 

EDI is used by organizations for transactions that occur on a regular basis according to a pre-determined 
format. It involves exchange of electronic business documents, i.e., purchase orders, invoices etc. EDI 
transactions are carried through special EDI software. This technology was popularly used before the 
introduction of e-commerce by different trading partners on private electronic networks. Key features of 
EDI include: 

No paper work 
No human intervention 

Exchange of information takes place in seconds 

EDI documents are formatted using published standards. Two popular EDI standards are - ANSI 
(American National Standards Institute) XI2 standard and EDIFACT (United Nations Standard of 
Electronic Data Interchange for Administration, Commerce and Transport). 

EDI Example 

Assume E-Pens (a manufacturing company of pens and ballpoints) reviews sales and orders on monthly 
basis to make forecast of its sales for the coming month. Sales forecast is compared with the stocks of raw 
material and other components and a production plan is devised. This monthly plan needs to be flexible so 
that materials could be ordered at short notice if these are not available in the store. For instance, packaging 
material should only be ordered for just in time (JIT) delivery, so that E-Pens can cut down on its stock of 
packaging and reduce the inventory cost. On the other hand, packaging supplier also wants to improve its 
processing of orders, particularly urgent orders. Before using EDI technology, the order used to be 
generated in the following format: 

From: 

E-Pens 


To: ABC & CO. 


Order Ref:AC8484 
Order Date:l5.3.2006 

Qty Description Product Code 

1500 Superior-Red PC-1075-R 

1300 Superior — Silver PC-1075-S 

-End of Order- 

After both E-Pens and its supplier start using EDI system, any amendment of the schedule on the 
production control system reviews the materials requirements and the order is automatically generated. In 
case the above paper order is to be generated using EDI software, the order data is coded and structured 
into a common and generally accepted format. The order would be written as follows in EDIFACT 

(See Fig. 1 - not for exam): 
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UNB+UNOA:2+8484:xx+1149:xx+ Interchange Header 


BEN0273 


UNH+000001+ORDERS :2:932 :UN 

Message 1 

Header 

BGM+220+AC8484 

DTM+4:20060315:102 

NAD+BY+8484326::91 

NAD+SU+1149646:91 

UNS+D 

LIN+1++PC-1075-R:VP 

Qty+21:1500 

LIN+2++PC-1075-S: VP 

Qty+21:1300 

UNT+11+000001 


Data Segments 

Trailer 



UNH 


Message 2 

UNT 




UNZ+1+BEN0273 


Trailer 


Fig-1 

In the above, ‘UNB’ refers to the start of interchange or envelop header, ‘UNOA:2’ to the United Nations 
Control Agency (level A) version 2, ‘8484’ to sender code, ‘1149’ to recipient code, ‘BEN0273’ to control 
reference, ‘UNH’ to message header, ‘000001’ to message no., ‘ORDERS’ to the message type, ‘2:932’ to 
version 2 and release 932, ‘UN’ to control agency. ‘BGM’ refers to beginning of message, ‘220’ to message 
name code (i.e, order), ‘AC8484’ to order no., ‘DTM’ to date and time of message, ‘4’ to a qualifier, 
‘20060315’ to date, ‘102’ to format qualifier (century date), ‘NAD’ to name and address, ‘BY’ to buyer, ‘SU’ 
to supplier, ‘8484326’ to buyer address code, ‘91’ to code list agency, ‘1149646’ to supplier address code. 
‘UNS’ represents section control (that is, start of a section), ‘D’ is for section identification. ‘LIN’ indicates 
line item (e.g, line item number 1 and 2), ‘PT-1075-R’ and ‘PT-1075-S’ indicate item number, and ‘VP’ stand 
for item number type (that is, vendor part). ‘QTY’ represents quantity, ‘21’ is quantity qualifier (indicating 
ordered quantity), ‘1500’ and ‘1300’ is the number of ordered quantity. ‘UNT’ is message trailer/end, ‘11’ is 
control count (indicating no. of line segments in the message), ‘000001’ is message no. ‘UNZ’ represents 
interchange trailer. Note that an interchange can have more than one message, as shown in Fig. 1 above. 

Value Added Network (VAN) 

Value added networks are third party networks that provide services to execute authorized transactions with 
valid trading partners using EDI. Each VAN has a centralized computer system that maintains two files for 
each user, that is, 

Postbox: where outgoing messages are placed, and 
Mailbox: where incoming messages can be picked up 
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VAN Example 


Value Added Network (VAN) 



Fig. 2 

Note that in Fig. 2 above, Nice Store needs to place orders for bread, meat and vegetables. It 
establishes a link to VAN through the dial up line, and sends EDI-based order messages for the three 
suppliers which are temporarily stored in its postbox. VAN computer system inspects postbox, unpacks 
interchanges (electronic envelopes), repackages them as new interchanges and moves them to the 
mailbox of the intended recipients. The three recipients check their mailboxes for new interchanges, 
pick them up and cause them to be transmitted to their respective processing systems. They can also 
send acknowledgment messages and cause them to be stored in their respective postboxes. VAN 
checks them and put them in the mailbox of Nice Food. 

Advantages of VAN 

Two big advantages of using a VAN in EDI are time independence and protocol independence. Time 
independence means that the sending and receipt of the interchange or messages can be carried out at 
the convenience of the users involved. Thus, they are not required to be connected with each other at 
the same time. Protocol independence means that interchanges are re-enveloped with the transmission 
protocol appropriate to the recipient when they are retrieved from the postbox by the VAN. Thus, a 
VAN can provide protocol compatibility between the sender and the recipient, wherever that is 
missing. 

Internet-Based EDI 

Internet can support EDI in a variety of ways. Internet e-mail can be used as EDI message transport 
mechanism in place of having a VAN. An extranet can be created with the trading partner allowing a 
partner to enter information in the fields of web forms which correspond to the fields of EDI message. 
Also, web-based EDI hosting service can be utilized through web-based EDI software. However, a lot 
of work is still required to be done to make use of and popularize internet-based EDI. 

Benefits of EDI 

Some of the benefits of EDI are listed as under: 

Shortened ordering time 
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Since an order is generated automatically according to a pre-defined format, thus, the ordering time is 
very short. 

Cost cutting 

An EDI transaction is more cost-effective in the sense that paper/stationary cost as well as cost of 
hiring staff to complete a transaction is eliminated in case of EDI. The only major cost is the expensive 
EDI software itself. However, once an EDI system is in place, it can save many expenses otherwise 
associated with a normal transaction. 

Elimination of errors 

Messages are generated automatically, so the chances of any typing errors caused by human intervention 
are negligible. 

Fast response 

An EDI message can be read and processed on the receiver side electronically with the help of EDI 
software. So, if the receiver is a supplier of raw material, it can quickly fulfill/implement the order as 
compared to a paper order. 

Accurate invoicing 

Invoices or payment requests by the merchant/supplier can also be generated using EDI standard 
format, which are more accurate than paper invoices. 

^ EDI payment 

EDI standard documents can be used to electronically provide financial information for payment 
purposes. 

Enterprise Resource Planning (ERP) 

ERP is an approach that attempts to integrate all departments and functions across a company onto a single 
computer system that can serve all those different departments' particular needs. For example, finance, 
manufacturing and the warehouse department of a company may have their own software to perform tasks 
specific to each one of them. However, each software can be linked together so that a customer service 
representative can see the credit rating of a customer from finance module, warehouse information from 
warehouse module, and shipment information from the shipment module. SAP is an example of ERP 
software. ERP is complex. It is not intended for public consumption as proper integration of ERP with e- 
commerce applications is still a major problem. 

Electronic Banking 

Electronic banking, also known as cyberbanking, virtual banking, home banking and online banking, 
includes various banking activities conducted from home, business, or on the road, instead of at a physical 
bank location. 

Advantages of e-banking 

^ Get current account balances at any time 
^ Obtain credit card statements 
Pay utility bills 

^ Download account information 
^ Transfer money between accounts 
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^ Send e-mail to your bank 
Manage your own schedule 
^ Handle your finances from any location 
Apply for loans online 

For banks, e-banking represents an inexpensive alternative to branch banking and a chance to enlist remote 
customers. 
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PERSONAL FINANCE ONLINE 


Lesson 37 


Personal finance allows the management of your financial matters in a customized manner. For example, 
tax calculations or financial budgeting can be done through personal finance software. Popular software 
packages for personal finance are Quicken, MS Money and Money 2003 etc. In personal finance online data 
is imported automatically into the register of transactions maintained by the software package as the 
account/transaction details are downloaded through the internet. This information can then systematically 
be used to calculate taxes or prepare a budget for certain activities. 

Value Chain 

EC includes so many activities that it is difficult to figure out where and how to use it in the business. One 
way to overcome this difficulty is to break business into many value adding activities. A strategic business 
unit is a combination of a particular product, distribution channel and customer type. In 1985 Michael 
Porter gave the idea of value chains in his famous book “Competitive advantage”. A value chain is a way of 
organizing activities that each strategic business unit undertakes to design, produce, promote, market, 
deliver and support the products or services it sells. 

Primary and Support activities 


Porter identified that there are some primary activities as well as certain supporting activities in a strategic 
business unit. Followingis the example of value chain for a strategic business unit (see Fig. 1 below): 
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Fig.l 


‘Identify customers’ refer to those activities which try to find new customers and ways to serve 
better to the existing ones, e.g, surveys and market research; 

‘Design’ activities take a product form concept stage to manufacturing stage. They include concept 
research, engineering, drawings preparation, test marketing etc. 

‘Purchase materials and supplies’ activities relate to procurement of material, vendor 
selection/qualification, negotiating supply contracts, monitoring quality and timely delivery etc. 
‘Manufacture product or create service’ activities relate to transformation of materials and labor 
into finished products, e.g, fabricating, assembling, packaging etc. 

‘Market and sell’ activities give buyers a way to purchase and provide inducement for them to do 
so, e.g, advertising, promotions, managing salespersons, monitoring distribution channel, pricing 
etc. 

‘Deliver’ activities relate to storage, distribution and shipment of final product, e.g, warehousing, 
selecting shippers, material handling, timely delivery to customers etc. 

‘Provide after sales service and support’ refer to those activities that aim at promoting a continuing 
relationship with customers, e.g, installing, testing, repairing, maintaining a product, fulfilling 
warranties etc. 
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■flF- Note that left to right flow does not mean a strict time sequence for these activities. For example, 
marketing activity can take place before purchasing materials. 

Importance of each primary activity depends on the product/service and the type of customers. 
For example, for certain type of businesses/products manufacturing activities are more critical and 
for others marketing activities may be more important. 

Support activities provide infrastructure for a business unit’s primary activities as indicated in Fig. 1 
above. Following are the support activities: 

■flP" ‘Finance and administration’ activities relate to accounting, paying bills, borrowing funds and 
complying with government regulations etc. 

‘Human resources’ refer to the activities that coordinate management of employees, e.g, recruiting, 
hiring, compensation and benefits etc. 

‘Technology development’ relates to activities which help improve product/service that a business 
is selling and also help improve processes in every primary activity, e.g, fields tests, maintenance of 
procedures, process improvement studies etc. 

Industry value chains 

It is useful to examine where a strategic business unit fits within its industry. Porter uses the term value 
system to describe larger stream of activities into which a business unit’s value chain is embedded. Different 
strategic business units are associated, each having its value chain, to form industry value chain. By 
understanding how other business units in industry value chain conduct their activities, mangers can identify 
new opportunities for cost reduction and product improvement. Fig. 2 below shows industry value 
chain of wooden furniture: 


Logger cuts down tree 

Sawmill converse logs to lumber 

Lumberyard (distributor) provides lumber 

< & ' 

furniture factory manufactures/assembles 

jy . 

Furniture retailer markets and sells furniture 

Consumer purchases and uses furniture 

0 ' 

disposes of furniture which is recycled 


Fig. 2 

Note that loggers grow and cut the trees to convert them into logs. Sawmill purchases logs and processes 
them in its processing unit to converts them to lumbers. The lumberyard business purchases lumbers form 
the sawmill business and sells them to furniture factory, which manufactures furniture using the lumbers. 
Furniture retailer buys the furniture from furniture factory and sells it to customers, who use it. After 
sometime the furniture is of no use and is disposed of by the customer. It can be then recycled. Note that 
each business unit has its own value chain. The analysis of industry value chain is useful for a sawmill 
business that is considering entering the tree harvesting/growing business or for furniture retailer who 
wants to be a partner with a transportation business. Industry value chain identifies opportunities up and 
down the product’s life cycle for increasing efficiency or the quality of product. 

Examining value chains one finds that EC can help in four different ways as follows: 

^ It can reduce costs of a business; 

It can improve quality of products; 
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^ It can help in reaching new customers or suppliers; 

It can create new ways of selling products. 

For example, a software developer who releases annual updates of his software might consider eliminating 
software retailer from distribution channel for updates by offering to send updates through internet directly 
to his customers. In this way he can reduce the price of his product and increase sales revenue since revenue 
margin payable to the retailer can now be cut down from the price. 

SWOT (strengths, weaknesses, opportunities and threats) analysis 

In SWOT analysis, an analyst first looks into the business unit to identify its strengths and weaknesses then 
looks into the environment in which the business operates and identifies opportunities and threats 
presented by such environment. 

While judging the strengths of a business, questions can be asked such as what does a business do well?. 
Does it have a sense of purpose and culture to support that purpose? While judging weaknesses of a 
business questions can be asked as to what does a company do poorly?. Has it any serious financial 
liabilities?. Has it got the required skilled manpower? In analyzing opportunities a company can try to find 
answers to questions, such as, what is the industry trend? Are there any new markets to enter/explore? Are 
there any new technologies to use?. In finding threats to a company’s business it can ask questions as to 
what things the competitors of the business doing better? Are there any troublesome changes in company’s 
business environment? Are there any new technologies or laws likely to be introduced that might cause 
problem to the company? 

Example of Dell 

Dell, a famous computer manufacturing brand, used SWOT analysis in mid 1990s to create a strong 
business strategy that made it a successful competitor in its industry value chain. It found that its strength 
was to sell directly to customers and design its computers to reduce manufacturing costs. It also found that 
it had no relation with local computer dealers. It faced threats from competitors which had much stronger 
brand names/quality at that time. Dell identified an opportunity by noting that its customers were becoming 
more knowledgeable about computers and could specify what they wanted to buy without Dell sales person 
helping them or answering their questions to develop configuration for them. Moreover, it decided to use 
internet as a potential marketing tool. 

Dell took all four SWOT elements into consideration (see Fig. 3 below) and decided to offer customized 
computers. The computers could be built/configured according to the order or specifications of the 
customers who could place orders through phone and internet. Thus, it developed a strategy using its 
strengths effectively and avoiding reliance on dealer network. Note that brand and quality threats form 
competitors were reduced in this case by Dell’s ability to deliver higher perceived quality of its product in 
the sense that each computer could be customized according to the needs/specifications of the customers. 


Strengths Weaknesses 

• sell directly to consumers • No strong relationships 

• keep costs below competitor's with computer dealers 

costs 


Opportunities 

Threats 

• Consumers know what they 
want to buy 

• Internet could be a powerful 
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• Competitors have strong 
relationships with computer 
dealers 


Fig. 3 
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SUPPLY CHAIN 


Lesson 38 


Supply chain includes all the activities associated with the flow and transformation of goods from the raw 
materials stage all the way to the end user. Supply chain can be broken into three parts, that is, upstream 
activities, internal activities and downstream activities. 

^ Upstream activities relate to materials/services or the input from suppliers 
^ Internal activities relate to manufacturing and packaging of goods 

^ Downstream activities relate to distribution and sale of goods to distributors/customers 

Fig. 1 below shows a simple example of supply chain of a milk processing unit. Note that milkmen supply 
milk to the processing facility. The processing business has ordered a corrugate paper company to supply 
boxes/paperboard for packaging. The paper company receives its raw material from a lumber company for 
manufacturing boxes. The lumber company also supplies paper to label printing business for 
making/printing paper labels. These are upstream activities. The boxes and labels should be available to the 
processing business at the packaging stage. The milk processing unit processes the milk, packages it in 
boxes and attaches labels to them. These are internal activities. The packaged milk is sent to distributors 
who distribute the same at different stores from where customers purchase. These are downstream 
activities. 
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Supply chain management 


Fig- 1 


Engaging and negotiating with suppliers can be extremely beneficial. The process of taking active role in 
working with suppliers to improve products and processes is called supply chain management. Today, firms 
are reaching beyond limits of their own organizational structure. They are creating new network form of 
organization among the members of supply chain. Supply chain management is now used to add value in 
the form of benefits to the ultimate customer at the end of supply chain. It has become important for a 
business to work to establish long term relationship with at least small number of capable suppliers. 


Internet technologies and supply chain 


Internet is a very quick and effective tool of communication. On the other hand, communication is also a 
very critical element in supply chain management. Using internet technology: 

^ suppliers can share any information about changes in the customer demand; 

^ suppliers can have immediate notice of any changes in product design; 

drawings/specifications of a product can be quickly provided to the suppliers and vice versa; 
processing speed of a transaction can be increased; 
cost of handling a transaction can be reduced; 
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^ chances of errors in entering transaction data are reduced; 

Probably, the only disadvantage of using internet technology in a supply chain is that sometimes it may 
prove to be cosdy. However, in ultimate analysis, the advantages override the cost factor. 

With the help of supply chain management software, one can not only manage the internal processes but 
also processes of other members of the supply chain. Therefore, it can be predicted that when and how 
much of certain product would need to be produced. 

Examples of technology use in supply chain 

A typical example of the use of technology in supply chain management is a company which is well-known 
worldwide as the largest producer of commercial aircrafts. It makes a big effort to keep its production on 
schedule. Most commercial airplanes require more than 1 million individual parts and assemblies and each 
airplane is configured according to specific needs of the purchasing airline. Timely availability of these parts 
must be ensured otherwise entire production schedule would be disturbed. 

In 1997 the company had to stop its two assembly operations for several weeks due to errors in production 
and scheduling system causing it a huge financial loss. Thereafter, it decided to invest in information 
systems in every element of its supply chain. Involving its suppliers in the process, it began the use of EDI 
and internet technology, so that the suppliers could supply the right part or assembly at right time to 
prevent production delay. Now, the suppliers could get engineering specifications and drawings before the 
start of manufacturing using a secure internet connection, and plan their own business activities, 
accordingly. Also, members of the supply chain could have the knowledge of the completion of milestones 
and any changes in production schedule. In two years time, this approach resulted in reducing half the time 
needed to complete individual assembly processes. Thus, instead of waiting for 3 years the customer airlines 
could now have the ordered airplane ready for delivery in 10-12 months. Furthermore, the company 
launched a spare parts web site for ordering replacement parts. The site allowed customer airlines to register 
and order for replacement parts through browsers. Soon, the site was processing 5000 transactions per day 
at much lower cost as compared to orders cost through phone, mail, or fax. It also improved customer 
service in the sense that most parts could now be delivered the same day or the next day. 

Another example is of a famous computer selling brand. It realized that by increasing the amount of 
information about its customers it was able to reduce amount of inventory it should hold. It decided to 
share this information with other members of the supply chain by allowing its top suppliers to have access 
to a secure web site which informed them about its latest sales forecasts, planned product changes or any 
warranty claims etc. It also provided information about its customers and their buying pattern. Thus, it 
helped suppliers to plan their own production in a much better way. 

The above examples show how members of supply chain can work together to reduce inventory, increase 
quality of product, reduce production cost and increase process speed. 

Supply chain and ultimate consumer orientation 

Primary objective of supply chain is to help each company to meet needs of the consumer at the end of 
supply chain. This approach is called ultimate consumer orientation. In 1995, a company dealing in the 
business of production of tiers in America adopted a different approach by shifting its focus on tire dealers 
from ultimate customers. It created an extranet that allowed tire dealers to access tire specifications, 
inventory status and promotional information on the web. Thus, it gave opportunity to dealers to access 
product information directly and immediately. It also saved money since a web page is less expensive than 
answering thousands of phone calls daily by the company. This initiative provided a better service to 
dealers, so dealers using this extranet were not likely to recommend to customers a tire from the competing 
business. 
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Competitive Strategy 

Ability of an organization to prosper arises from its competitive advantage over other organizations 
operating within its market sector. The strategy of a business to achieve this goal of competitive advantage 
is known as competitive strategy. Three basic strategies for competitive advantage are as under: 

Cost leadership 
^ Differentiation 
^ Focus 

Cost leadership 

It is the ability to sell the goods or provide the service at a price that is lower than that of competitors, and 
thus attract more customers. 

Differentiation 

Differentiation means that your product/service has certain quality that makes it more attractive than the 
one offered by your competitor, despite the price of your competitor’s product/service is somewhat lower. 
For instance, you can beat your competitors for the reason that the air conditioner produced by your 
company is unique as it does not produce noise while in operation, whereas this feature is missing in the air 
conditioners produced by your competitors. 

Focus 

Focus strategy is defined as concentration on a single aspect of the market. That single aspect can be a 
particular market segment or market area or product type. For example, if my competitors are focusing on 
different market areas, I may, on the other hand, plan that I can be more profitable by concentrating on one 
particular area. It may be a particular province or a city etc. where I may have a better distribution channel. 

Role of e-commerce in Competitive Strategy 

By applying EC following major benefits can be derived: 

^ Reduced administration/transaction cost 

Since things can be done electronically, so infrastructure or overhead cost (cost of building, staff, stationary 
etc) is reduced. Similarly, you can sell directly to your customers and it eliminates the cut/revenue payable to 
intermediaries or dealers. Thus, EC helps in achieving cost leadership. 

^ Improved logistics supply chain 

Using EC one can have a quick response to the order placed. In other words, just in time delivery of the 
material is possible. It helps in reducing inventory and overall production cost and achieving cost 
leadership/ differentiation. 

^ Customization 

With the help of EC, customer data can be gathered and analyzing it customers can be served in a better 
manner according to their needs. One can, thus, implement differentiation and focus strategy. 

^ Differentiate a product in terms of quality of service 

For example, online business of sale of music or books etc. In such cases delivery time and transaction cost 
is saved as customers can directly download the product from the web site, thus, it helps in achieving cost 
leadership and differentiation. 
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Lesson 39 

PORTER’S MODEL OF COMPETITIVE RIVALRY 

Porter’s Model helps a firm to identify threats to its competitive position and to devise plans including the 
use of IT and e-commerce to protect or enhance that position. Porter identified five forces of competitive 
rivalry described as under: 

Threat of potential/new entrants to the sector 
■IF* Threat of substitute product or service in the existing trade 
Bargaining power of the buyers 
Bargaining power of the suppliers 
Competition between existing players 

These five forces are also shown in Fig. 1 below: 



I Threat of new entrants 

This threat relates to the ease with which a new company or a company in different product area can enter a 
given trade sector. Typically, barriers to entry are capital, knowledge or skill. IT/EC can be a barrier for new 
entrants, for instance, where competing businesses have heavily invested in EDI and are using the same, 
their investment would act as a barrier for new businesses to enter that trade sector. Conversely, 
advancements in technology have given rise to new ideas providing opportunity to new entrants without 
any need to build the IT infrastructure or make heavy investment to compete existing players. For example, 
to start online banking a company does not require heavy investment in constructing buildings (branch 
offices), hiring staff etc. as required in traditional banking. Rather, making use of internet technology 
coupled with a sound marketing plan, unique online banking services can be initiated. 

I Threat of substitution 


This threat arises when a new product is available that provides the same function as existing 
product/service. For example, cotton fiber was, in the past, replaced by synthetic fiber, and glass bottles 
were substituted by plastic ones. This threat got materialized in case of music shops in physical world when 
due to the advent of e-commerce; music became available in downloadable format through the artist’s 
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website. The site, in fact, had provided a substitute distribution channel. Another example is that of online 
banking which substituted traditional banking in physical world. 

I Bargaining power of buyers 

The cost of producing and distributing a product should be less than the price it can bring in the market in 
order to be profitable. Number of competitors and the supply of a product are the two major factors that 
determine bargaining power of the buyers. A buyer is in a strong position to bargain for low price if there 
are many competitors and/or the supply of the product in the market is in surplus. Note that with the help 
of e-commerce, low production cost, more inventory control and quick response time can be achieved. 
Besides, direct sale to the customers is also possible that cuts the cost of involving intermediaries. 
Therefore, a business using IT/EC can reduce the overall production cost and afford to keep the price of 
the product relatively low. 

I Bargaining power of suppliers 

Businesses try to find more favorable terms from their own suppliers. If supply of raw material is plentiful 
and/or there are many suppliers, the supply can be procured at a low price. Otherwise, position is more 
favorable to the supplier having more bargaining power. Ability to trade electronically is a factor in the 
quality of service and may be a requirement of the buying organization. Accordingly, bargaining power of a 
supplier is reduced if it is not electronically enabled. 

I Competition between existing players 

Competition among businesses is to get more buyers and trade at a price that produces an acceptable profit. 
If there are many players of the same size, capacity and strategy having little difference between their 
product/service, then there is fierce competition among them as regards the price of the product/service. 
Even a small change in the price of the product/service can be crucial for the business. Again, the use of 
EC can cause a significant difference by reducing administration/transaction cost, increasing efficiency of 
supply chain, improving product quality and customer service. 

The five force analysis determines attractiveness of the industry whether to enter that industry as a business 
or not. 

Strategic Planning Cycle 

E-business competitive strategy is normally formed and implemented according to a planning cycle which is 
called strategic planning cycle. 

There are four stages in this planning cycle as shown in Fig. 2 below: 

Strategic Planning Cycle 



Fig. 2 
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I Industry and competitive analysis 

It aims at identifying those factors on which the success of an EC project or business would depend. One 
way of doing that is to carry out SWOT analysis and study your business as well as the business of your 
competitors. Analysis of online competitor businesses is relatively easy since they are just a few clicks away 
on the web. 

t Strategy formulation 

Based upon this study of internal and external business environment and in light of a company’s strengths 
and weaknesses, a competitive business strategy is formed. It may be a strategy of cost leadership, product 
differentiation or focus. One can also identify ways how information technology can be used to 
implement/enforce such strategy. 

I Implementation 

In the implementation stage, you build a plan to identify steps needed to put the strategy into action and 
practically take those steps. For example, where your strategy is to pursue differentiation in terms of quality 
of service by using/arranging a web-based call centre through which the customers can immediately register 
their complaints; then you will have to select appropriate individuals who are suitable for the job in the 
implementation stage. Creating a web team and defining the role/ responsibility of each member of the 
team is a critical component of implementation stage. For example, you define that this person would be 
the team leader; this would be in the technical staff (web master etc.) or the management staff. Note that 
involvement of key persons from marketing, accounting, finance, human resource, IT, customer relations 
etc. will be important in decision marking as to how a particular implementation plan can be executed. A 
strategic plan can be at times initially implemented in terms of a pilot project before launching it to a full 
scale. For example, an automobile manufacturer in America had implemented a plan/scheme which allowed 
the potential customers to have scheduled test drives before buying a particular car. Initially, this scheme 
was introduced to four American states but later it was implemented all over the country. Another point is 
to consider whether you should build your own infrastructure for execution or outsource the task of 
execution of a strategic plan. For example, where a strategic plan requires a particular web design, you can 
either mange your own team of web designers or outsource this task to an outside firm having expertise in 
this area. 

^ Strategy assessment 

Results of implementation plan are monitored and assessed so that any corrective measures or expansion 
plan can take place. Basically, you want to assess whether your strategy has delivered what it was supposed 
to deliver; whether your strategy is still viable/workable in the ever changing environment. In strategy 
assessment phase, you can learn from your mistakes and do your future planning. In case your EC project 
has been a failure, you can identity the problems and try to remove them. Some of the corrective measures 
can be to property train your web team, establish or review your security or privacy policy, review or 
reassess your web design content, reconsider your marketing plan etc. For the strategy assessment, you can 
conduct surveys, collect information and receive feedback from different groups of people so that you have 
solid input from people coming from a variety of background. Sometimes, you have to entirety give up a 
particular strategy you followed and formulate a new strategy or set of strategies in light of the company’s 
main objective or its mission. 
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Lesson 40 

BARRIERS TO INTERNATIONAL E-COMMERCE 

E-commerce is a combination of three different areas of study, namely, technology, business and 
law/policy. We have studied the technology and business side of e-commerce to a reasonably good extent. 
Now, we have to start the law and policy side of e — commerce. However, before we do that lets discuss 
some interesting issues related to the international aspect of e-commerce. 

Barriers to International e-commerce 

Barriers to international ecommerce include lack of trust, lack of infrastructure, language and culture. 

Lack of Trust 

It is very important for online businesses to establish trusting relationships with their customers like in the 
physical world where companies ensure that customers know who they are. However, it is difficult to build 
trust because a kind of anonymity exists for companies trying to establish web presence. 

There was, once, a famous cartoon used to depict that on the internet nobody knows whether you are a 
dog. The issue of anonymity can be explained by the example that a visiting customer will not know in case 
of an online bank as to how large or well-established the bank is, simply by browsing through its web site. 
On the other hand, visitors would not become customers unless they trust the company behind the site. 

Thus, a plan for establishing credibility of an online business is extremely crucial for its success. In this 
behalf, attention to the needs of the site visitors is very important while designing the web site, since it can 
be helpful in building trust with customers. For instance, there should be easy to find web pages that 
answer questions of the visitors. Note that companies with established brands can build trust for online 
business more quickly as compared to a new company/business without reputation, since a brand conveys 
expectations about how the online business would behave. For example, how the seller online business 
would react to a claim of refund by the customer. 

■flP- Language 

Only way to do business in other cultures is to be a part of such cultures. Language plays a very important 
role in this regard. In the first step you should provide local language versions of your web site. Software 
packages exist that can translate your web site content into different languages. Some sites translate all of 
their pages, but if the web site is very large then one can be selective in translation effort. Usually, home 
page, or pages related to marketing and product information or those related to any local 
interest/advertisement are given higher priority from translation point of view. Mainly two approaches are 
used for the translation of the content. 

In the first approach, browser default language setting can be communicated to server when connection 
establishes between browser and server through c http\ Server can thus detect default browser language 
setting and automatically redirect the browser to those set of pages in that language. Second approach is to 
include links to different language versions on the web site’s home page. One can select any language by 
clicking the appropriate link. However, the link should show name of that language in that language so that 
the user can read/understand the information. It would be interesting to look at an estimate about the use 
of different languages over the internet (see Fig. 1) 
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> Only 370 million of world’s 6 billion population kn ow English as 
native language 

> 70% content on web is in English but more than 50% of current 
internet users cannot read English 

> Other languages used by people on the internet are: 

• Chinese (9.8%) 

• Japanese (9.2%) 

• Spanish (7.2%) 

• German (6.8%) 

• Korean (4.4%) 

• French (3.9%) 

• Italian(3.6%) 

• Portuguese(2.6%) 


Fig.l 


Culture 

It should be useful to know about different cultural issues surrounding international e-commerce. Firstly, 
there is the issue of choice of name. For example, a famous car manufacturing company had chosen the 
name ‘nova’ for one of its car models, which could be understood by the people in Latin America in the 
sense that ‘it will not go’. Similarly, a company selling baby foods in jars should not place the picture of a 
baby on the jar while doing business in certain parts of Africa, since in such parts it is customary (or part of 
the culture/tradition) to put on the jar the picture of contents contained in it. 

Web designers must be careful about the choice of icons because they can have different meanings in 
different cultures. For instance, in U.S shopping cart is a good symbol for selecting and putting your items 
in a virtual place, whereas shopping basket is a more appropriate symbol or icon for the said purpose in 
Europe. Similarly, in India it would not be appropriate to use the image of a cow in a cartoon. In Muslim 
countries people can be offended by human pictures that violate the limit of Islamic parda. Use of colors in 
the web design can also be troublesome. For example, white color denotes purity in Europe and America 
but is associated with death and mourning in china and some Asian countries. Similarly, a web page divided 
into four segments can be unpleasant to a Japanese visitor because no. four is a symbol of death in that 
culture. 

Some parts of the world have cultural environment that is not welcoming for ecommerce. For instance, in 
certain Islamic countries the exchange of information that conflicts with Islamic values is forbidden. Then, 
there are internet censorship activities of governments in certain parts of the world. For example, there are 
complex registration requirements/regulations in china imposed by the government which a business must 
comply with in order to engage in ecommerce. 

The Chinese government conducts review of ISPs record. The ISPs have to maintain a record of their 
customers and retain copies of all their email messages etc. In China a number of internet cafes were closed 
down for violating the electronic record keeping procedures. Some countries do not have strict censorship 
requirement as above, but have strong cultural requirements. For example, in France an advertisement for a 
product or service must be in French, thus, an online business based in America wishing to ship products to 
its customers in France must provide French version of its pages if it intends to comply with French laws. 


© Copyright Virtual University of Pakistan 


162 






E-Commerce - IT430 


VU 


+F- Infrastructure issues 

Internet infrastructure includes computers and software connected to internet and communication 
networks over which data packets can travel. In many parts of the world, telecommunication industry is 
either owned by the government or is strictly regulated by the government. This government control or 
regulations have retarded growth of infrastructure to a limit that sometimes it cannot fully support internet 
data traffic. For example, there is the huge issue of low bandwidth (slow data communication) in most third 
world countries. 

In Europe, cost for internet connection is considered quite high, discouraging people to spend more time 
on surfing the web while shopping. Moreover, international transactions mosdy require physical handling of 
goods by several freight carriers and shipping companies. This storage and handling normally requires 
monitoring by government custom officers, which is not done in domestic transactions. A coordinated 
effort is, therefore, required between customs brokers, freight agencies and government officials in such 
cases due to complex government regulations. 

According to an estimate, almost half of all businesses on the web turn down international orders because 
of the lack of proper infrastructure to handle such transactions, thus losing millions of dollars. 

Electronic Transactions Ordinance, 2002 (ETO) 

ETO is the law introduced in 2002 which extends to the whole of Pakistan. It basically provides legal 
recognition to documents in electronic form and to electronic signatures. To understand this law, it would 
be useful to revise the concept related to the working of digital signature technology (refer to Lecture no. 
23). We shall look at salient provisions/features of this law as it direcdy deals with e-commerce in Pakistan. 
Section 2 of the ETO defines different terms used in it. For convenience these terms have been reproduced 
here (you do not need to memorize these for exam). 

^ “‘Certificate’ means a certificate issued by a Certification Service Provider for the purpose of 
confirming the authenticity or integrity or both, of the information contained therein, of an electronic 
document or of an electronic signature in respect of which it is issued”. 

if- “‘Cryptography services’ means services in relation to the transformation of contents of an electronic 
document from its original form to one that cannot be understood or decoded by any unauthorized 
person”. 

“‘Accredited Certification Service Provider’ means a Certification Service Provider accredited under 
this Ordinance to issue certificates for the use of its cryptography services”. 

“‘Certification Practice Statement’, means the statement prepared by a certification service provider 
specifying the practices it employs in relation to the issuance of certificates and matters connected 
therewith”. 

^ “‘Originator’, means a person by whom, or on whose behalf, electronic document purports to have 
been generated or sent prior to receipt or storage, if any, but does not include an intermediary”. 

“‘Addressee’ means the person intended by the originator to receive the electronic communication but 
does not include an intermediary”. 

“‘information system’ means an electronic system for creating, generating, sending, receiving, storing, 
reproducing, displaying, recording or processing information”. 

^ “‘Electronic Signature’ means any letters, numbers, symbols, images, characters or any combination 
thereof in electronic form, applied to, incorporated in or associated with an electronic document, with 
the intention of authenticating or approving the same, in order to establish authenticity or integrity, or 
both”. 
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^ “‘Authenticity’ means, in relation to an electronic document or electronic signature, the identification 
of and attribution to a particular person or information system”. 

“‘Integrity’ means, in relation to an electronic document, electronic signature or advanced electronic 
signature, the electronic document, electronic signature or advanced electronic signature that has not 
been tampered with, altered or modified since a particular point in time”. 

^ “‘Appropriate authority’ means 

& In relation to items contained in the Federal Legislative List of the Constitution of the 
Islamic Republic of Pakistan, 1973, the Federal Legislature or Federal Government; 

% In relation to items contained in the Concurrent Legislative List of the Constitution of the 
Islamic Republic of Pakistan, 1973, for which a Federal law is in force, the Federal 
Legislature or Federal Government, and, in all other cases, respective Provincial Legislature 
or Provincial Government; 

In relation to the functions of the Federal Government or respective Provincial 
Governments being discharged by a statutory body, that statutory body ; and 

& In relation to matters in respect whereof the Supreme Court or the High Courts are 
empowered to make rules for the regulation of their proceedings, the Supreme Court or 
High Court, as the case may be”. 

Section 3 of the ETO provides: 

“No document, record, information, communication or transaction shall be denied legal recognition, 
admissibility, effect, validity, proof or enforceability on the ground that it is in electronic form and has 
not been attested by any witness”. 

Section 4 of the ETO provides: 

“The requirement under any law for any document, record, information, communication or transaction 
to be in written form shall be deemed satisfied where the document, record, information, 
communication or transaction is in electronic form, if the same is accessible so as to be usable for 
subsequent reference”. 

Note that by virtue of Sections 3 and 4 above, the requirement of law for a document to be in writing 
shall be deemed satisfied if that document is in electronic form. Consequently, if a law requires that one 
must send a legal notice before filing a case against a government organization and that legal notice is 
sent in electronic form (e-mail attachment); it would be said that the requirement of law has been 
fulfilled in terms of sections 3 and 4 above. 
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Lesson 41 

ELECTRONIC TRANSACTIONS ORDINANCE, 2002 (ETO) (CONTINUED....) 

Generally speaking the term ‘Appropriate authority’ includes the five legislative assemblies (national 
assembly and four provincial assemblies), the federal government and four provincial governments, the 
Supreme court of Pakistan and four High courts, and any statutory body working in relation to the 
functions of federal or provincial governments. A statutory body is a body/organization established under 
some statute/law. For example, the Lahore Development Authority (LDA) is a statutory body established 
under the Lahore Development Act, 1975 (a provincial statute). 

The Constitution of Islamic Republic of Pakistan, 1973 is the supreme law of the country, which means that 
every other law in Pakistan has to confirm to the terms of the constitution. It contains two legislative lists at 
its end, that is, the Federal legislative list and Concurrent legislative list. The federal legislative list sets out 
those items/subjects on which only the federal legislature can make laws such as the subject related to 
defense of Pakistan and armed forces etc. On the other hand, matters contained in concurrent legislative list 
are those on which both the federal and provincial legislature can enact/make laws, such as the subject 
related to marriage and divorce etc. 

Section 6 of the ETO lays down the conditions for validly retaining a document in electronic form as 
follows: 

“6. The requirement under any law that certain document, record, information, communication or 
transaction be retained shall be deemed satisfied by retaining it in electronic form if: 

I The contents of the document, record, information, communication or transaction remain 
accessible so as to be usable for subsequent reference; 

k The contents and form of the document, record, information, communication or 
transaction are as originally generated, sent or received, or can be demonstrated to 
represent accurately the contents and form in which it was originally generated, sent or 
received; and 

& such document, record, information, communication or transaction, if any, as enables the 
identification of the origin and destination of document, record, information, 
communication or transaction and the date and time when it was generated, sent or 
received, is retained.” 

Note that basically the conditions for validly retaining a document in electronic form are that such 
document must be accessible for subsequent reference, it should reliably be comparable with its original 
form and its origin and destination is identifiable as also the date and time of its generation. 

Section 7 of the ETO provides legal recognition to electronic signatures and advanced electronic 
signatures in following terms: 

% “ 7 . The requirement under any law for affixation of signatures shall be deemed satisfied 
where electronic signatures or advanced electronic signatures are applied.” 

Note that a presumption of truth is attached to advanced electronic signatures, which means that a court 
should assume that an advanced electronic signature was validly executed, and the burden to prove 
otherwise would be on the party that denies its execution. The difference between an electronic signature 
and advanced electronic signature does not seem to be clear in ETO. It appears that an advanced electronic 
signature involves an accredited certification service provider, whereas an electronic signature can be 
executed without its help to prove authenticity and/or integrity. 

Legal documents are ordinarily required to be written/typed on printed papers which one has to purchase 
for certain value under the law, that is, Stamp Act, 1899. Similarly, the Qanoon-e-Shahadat Order, 1984 (the 


© Copyright Virtual University of Pakistan 


165 





E-Commerce - IT430 


VU 


main law of evidence in Pakistan) also generally requires each executed document to be witnessed by at least 
two male witnesses. Copies of certain documents can be notarized also, which would mean that a copy can 
be signed/stamped by a duly appointed person called notary public confirming that the copy relates to a 
particular original document. 

By virtue of Sections 10 and 11 of the ETO, the stamp duty and the requirement of 
attestation/notarization has been waived for a period of two years or till such time the provincial 
governments devise appropriate measures. For convenience the two sections are reproduced as under: 

b “10. Notwithstanding anything contained in the Stamp Act, 1899 (II of 1899), for a period 
of two years from the date of commencement of this Ordinance or till the time the 
Provincial Governments devise and implement appropriate measures for payment and 
recovery of stamp duty through electronic means, whichever is later, stamp duty shall not 
be payable in respect of any instrument executed in electronic form.” 

I “11. Notwithstanding anything contained in any law for the time being in force, no 
electronic document shall require attestation and notarization for a period of two years 
from the date of commencement of this Ordinance or till the time the appropriate 
authority devise and implement measures for attestation and notarization of electronic 
documents, whichever is later.” 

Section 13 of the ETO talks about as to who would be deemed/supposed to have sent an electronic 
communication. It is given as follows: 

b “13. (1) Unless otherwise agreed as between an originator and the addressee, an electronic 
communication shall be deemed to be that of the originator if it was sent: 

By the originator himself; 

By a person who had the authority to act for and on behalf of the originator in 
respect of that electronic communication; or 
3 By an automated information system programmed by, or on behalf of the 
originator. 

b Unless otherwise agreed as between the originator and the addressee, the addressee is to regard 
an electronic communication as being that of the originator, and is entitled to act on that 
assumption if: 

a The addressee has no reason to suspect the authenticity of the electronic 
communication; or 

There do not exist any circumstances where the addressee knows, or ought to 
have known by exercising reasonable care, that the electronic communication 
was not authentic.” 

Note that an electronic communication would be deemed to be sent by an originator, if the originator 
himself, or his attorney/representative or his automated information system sends the same. The addressee 
is entitled to treat it as the communication of the originator if there exist no reason for a suspicion. 
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Lesson 42 

ELECTRONIC TRANSACTIONS ORDINANCE, 2002 (ETO) (CONTINUED....) 

An originator can attach a condition with the electronic communication that it would be deemed to be 
sent only if the addressee acknowledges its receipt. An originator can also specify the mode in which 
the acknowledgment would be acceptable. Then only such mode can be used for sending the 
acknowledgment. 

Section 14 is the relevant provision in this behalf: 

l “14. Unless otherwise agreed where the originator has stated that the electronic communication 
is conditional on receipt of acknowledgment, the electronic communication is treated as 
though it has never been sent, until the acknowledgment is received. 

I Where the originator has not agreed with the addressee that the acknowledgment be given in a 
particular form or by a particular method, an acknowledgment may be given by: 

i any communication, automated or otherwise, by the addressee ; or 
3 any conduct of the addressee, sufficient to indicate to the originator that the 
electronic communication is received.” 

Section 15 of the ETO provides guideline as regards the place and time of dispatch and receipt of an 
electronic communication in the following terms: 

I “15. Unless otherwise agreed between the originator and the addressee, the dispatch of an 
electronic communication occurs when it enters an information system outside the control of 
the originator. 

I Unless otherwise agreed between the originator and the addressee, or unless proved otherwise, 
the time of receipt of an electronic communication is determined as follows: 

S If the addressee has designated an information system for the purpose of receiving the 
electronic communication, receipt occurs: 

a At the time when the electronic communication enters the designated information system; 
or 

a If the electronic communication is sent to an information system of the addressee that is 
not the designated information system, at the time when the electronic communication is 
retrieved by the addressee; 

a If the addressee has not designated an information system, receipt occurs when the 
electronic communication enters an information system of the addressee. 

& Sub-section (2) applies notwithstanding that the place where the information system is located 
may be different from the place where the electronic communication is deemed to be received 
under subsection (4). 

I Unless otherwise agreed between the originator and the addressee, an electronic 
communication is deemed to be dispatched at the place where originator ordinarily resides or 
has his place of business, and is deemed to be received at the place where the addressee 
ordinarily resides or has his place of business. 

I For the purpose of this section: 
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^ If the originator or the addressee has more than one place of business, the place of 
business is that which has the closest relationship to the underlying transaction or, 
where there is no underlying transaction, the principal place of business; 

If the originator or the addressee does not have a place of business, reference is to be 
made to the usual place of residence ; and 

S “Usual place of residence” in relation to a body corporate, means the place where it is 
incorporated or otherwise legally constituted.” 

Note that sub-sections 1-3 of the above section deal with the time of dispatch and receipt of an electronic 
communication. In general terms, an electronic communication is deemed to have been sent by an 
originator at the time it enters the information system beyond the control of the originator. On the other 
hand, it is deemed to be received by the addressee at the time it enters his information system or his 
designated/specified information system. Note that the determination of time of dispatch and receipt of the 
electronic communication is crucial with regard to the calculation of limitation period in which a legal action 
has to be taken by a party. 

Remember that under the law a legal action is ordinarily initiated within a specified time period, beyond 
which such an action is not maintainable. This is called the law of limitation. Main idea behind the law of 
limitation is that a party should be vigilant/alert in bringing its claim in a court of law. Sub-section 4 
provides the guideline as to how the place of dispatch and receipt of an electronic communication can be 
determined. Basically, it describes the place of dispatch and receipt of an electronic communication to be 
where the originator or the addressee ordinarily reside or have their respective businesses. 

Note that the determination of place of dispatch and receipt of electronic communication is important to 
fix the territorial jurisdiction. Territorial jurisdiction refers to the legal competence or right of a court of a 
particular area/territory to entertain and decide a case. 

Section 16 states that no one shall have a legal right to insist upon an appropriate authority to create, issue, 
accept or retain a document in electronic form. However, where an appropriate authority under a law issues, 
creates, retains, accepts or provides any mechanism for payment/transaction, it, on its own, can decide that 
a document would be in electronic form for the above purposes. Also, it would be entitled to specify the 
manner/format for any such documents, procedures, the type of electronic signatures etc. This provision is 
reproduced here for a reference: 

^ “16. Nothing contained hereinbefore shall confer a right upon any person that any appropriate 

authority should accept issue, create, retain, preserve any document in electronic form or effect 
monetary transaction in electronic form. 

I Any appropriate authority pursuant to any law or procedure: 

j Accepts the filing of documents, or requires that documents be created or retained; 

Issues any permit, certificate, license or approval; or 
i Provides for the method and manner of payment, procurement or transaction 

May notwithstanding anything contained to the contrary in such law or procedure: 

Q! Accept the filing of such documents, or creation or retention of such documents in the 
form of electronic documents; 

Issue such permits, certificate, licence or approval in the form of electronic document; or 
3 Make such payment, procurement or transaction in electronic form. 

In any case where an appropriate authority decides to perform any of the functions in clause 
(1) (i), (ii) and (iii) of sub-section (2) may specify: 

3 The manner and format in which such electronic documents shall be filed, created, 
retained or issued; 
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S When such electronic document has to be signed, the type of electronic signature, 
advanced electronic signature or a security procedure required; 

Q The manner and format in which such signature shall be affixed to the electronic 
document, and the identity of or criteria that shall be met by any certification service 
provider used by the person filing the document; 

3 Control process and procedures as appropriate to ensure adequate integrity, security and 
confidentiality of electronic documents, procurement, transactions or payments; and 

any other required attributes for electronic documents or payments that are currently 
specified for corresponding paper documents.” 

Note that the above provision provides the legal basis for e-government. 

Under Section 17 a certification service provider, which is not accredited, can still be engaged in providing 
certification services. Note that a certification service provider is the same as a certification authority you are 
familiar with. Section 18 provides that the Federal Government shall establish a Certification Council, 
which is a high level body comprising five members. The qualifications of the members of the Council are 
mentioned in Section 19. The Council shall have its own fund under Section 20. The functions of the 
Certification Council are described in Section 21. Mainly, the council would grant, renew, suspend, revoke 
any accreditation certificates to the certification service providers, and would monitor compliance of 
certification service providers with the provisions of the ordinance. It would also be responsible for setting 
up and maintaining a repository/database where information about accreditation certificates and digital 
certificates issued to the subscribers would be placed and accessible by public at large. For quick reference 
the relevant provisions are quoted below: 

I “17. Nothing in this Ordinance shall impede or in any way restrict the rights of any certificate 
service provider to engage in the business of providing certification services without being 
accredited. 

I No person shall hold himself out as an accredited certification service provider unless he holds 
a valid accreditation certificate issued under section 24 by the Certification Council.” 

I “18. Within sixty days of the promulgation of this Ordinance, the Federal Government shall, 
by notification in the official Gazette, constitute a Certification Council to be known as 
Electronic Certification Accreditation Council. 

1 The Certification Council shall be a body corporate with perpetual succession and a common 
seal, and shall by the said name sue or be sued. 

I The Certification Council shall comprise of five members, with four members from the private 
sector. One of the Members shall be designated as the chairman.” 

“19. of the five members of the Certification Council: 

I One shall be telecommunications engineer with at least seven years work experience, of which 
at least one year is in the field of cryptography services; 

& Two shall be professional or academics with at least seven years work experience in the field of 
information technology; 

l One shall have an administrative background with at least seven years experience in a private or 
public organization; and 
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I One member shall be an advocate with at least seven years experience and adequate knowledge 
of laws relating to information technology and telecommunications.” 

“20. the funds of the Certification Council shall comprise of: 

I Grants from the Federal Government; 

& Fee for grant and renewal of accreditation certificate; and 

I Fee, not exceeding ten Rupees, for every certificate deposited in the repository; fines.” 

k “21. The Certification Council shall perform such functions as are specified in this Ordinance 

or may be prescribed. 

® Without prejudice to the generality of the foregoing subsection, the Certification Council shall: 

j ! Grant and renew accreditation certificates to certification service providers, their 
cryptography services and security procedures; 

j Monitor and ensure compliance by accredited certification service providers 
with the terms of their accreditation and revoke or suspend accreditation in the 
manner and on the grounds as may be specified in regulations; 

9 Monitor compliance of accredited certification service providers with the 
provisions of this Ordinance; 

J Establish and manage the repository; 

J Carry out research and studies in relation to cryptography services and to obtain 
public opinion in connection therewith; 

Recognize or accredit foreign certification service providers; 

-• Encourage uniformity of standards and practices; 

G Give advice to any person in relation to any matter covered under this 
Ordinance; 

Make recommendations to an appropriate authority in relation to the matters 
covered under this Ordinance.” 

For the creation/management of information repository, there is Section 23 in the ETO as follows: 

I “23. The Certification Council shall establish and manage a repository for all accreditation 
certificates, certificates issued by accredited certification service providers and for such other 
information as may be specified in regulations made by the Certification Council. 

I The Certification Council shall take appropriate measures to ensure the security of all 
information contained in the repository. 

^ All information contained in the repository shall be open to public inspection. 

t Notice of suspension or revocation of any accreditation or of certificate issued by an accredited 
certification service provider, shall be posted in the repository within the prescribed time.” 
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Lesson 43 

ELECTRONIC TRANSACTIONS ORDINANCE, 2002 (ETO) (CONTINUED....) 

Section 24 of the ETO provides that Certification Council shall make regulations specifying the 
criteria/procedure for the grant of accreditation certificates to the certification service providers. The 
provision is reproduced as follows: 

& “24. The Certification Council may grant accreditation to certification service provider, its 

cryptography services, electronic signature or advanced electronic signature and security 
procedures who comply with the criteria for accreditation specified in the regulations. 

I The terms and conditions of the accreditation, including those relating to duration of the 
accreditation, renewal, suspension or revocation, shall be specified in regulations. 

I The fee for grant and renewal of the accreditation shall be as prescribed. 

I The form and manner of proceedings for the consideration of application for grant, renewal, 
suspension or revocation of accreditation shall be specified in the regulations provided that, the 
regulations shall provide for a transparent procedure with due regard to the right of hearing.” 

Note that a certification service provider shall have proper right of hearing before a decision on its 
application for the grant of accreditation certificate is made. This is based on the fundamental principle of 
law that no body should be condemned unheard (also called the principle of natural justice). 

Under Section 25, each certification service provider shall prepare a Certification Practice Statement (CPS) 
as prescribed by the regulations of the Certification Council. CPS would be a policy document of the 
certification service provider, which would be filed along with the application for grant of accreditation 
certificate. 

A copy of the certification practice statement shall be maintained at the office of the Certification Council 
and shall be open to public inspection. Subject to any regulations made by the Council, a CPS would 
normally include information for persons adversely affected by a wrong/false certificate, the extent of 
liability, policy about suspension or revocation of certificates etc. For details you can see section 25 
below (no need to memorize any such section, just try to build a general sense): 

l “25. Each certification service provider, desirous of being accredited, shall prepare and have at 
all times accessible a certification practice statement in such form and with such details, 
particulars and contents as may be specified in regulations made by the Certification Council. 

1 Without prejudice to the generality of the foregoing, the regulations may provide for: 

3 Prompt information to persons likely to be adversely affected by any event relating 
to the information system of the certification service provider or inaccuracy, 
invalidity or misrepresentation contained in a certificate; 

Identification of subscribers; 

3 Suspension or revocation of certificates; 

3 Accuracy of information contained in a valid accreditation certificate; 

3 Foresee ability of reliance on valid accreditation certificates; and 

3 Deposit of certificates or notification of any suspension or revocation of any 
accreditation certificate or any other fact or circumstance affecting the certificate, in 
the repository. 
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& The certificate practice statement shall be submitted to Certification Council for approval along 
with the application for accreditation. 

I Any subsequent change in the approved certification practice statement shall be initiated and 
processed in such manner as may be specified in regulations made by the Certification Council, 
and upon approval by the Certification Council, shall be incorporated in the certification 
practice statement. 

% A copy of the certification practice statement shall be maintained at the office of the 
Certification Council and shall be open to public inspection. 

I Subject to such limitations as may be specified in the regulations made under sub-section (1), a 
certification service provider shall, during the period of validity of an accreditation certificate 
published for reliance by any person, be deemed to warranting to such person that: 

Ci the certification service provider has complied with the requirements of this 
Ordinance, rules and regulations made under this ordinance ; and 

j the information contained in the certificate is accurate. 

I The Certification Council may suspend or revoke the accreditation of a certification service 
provider for failure to comply with the provisions of this section: 

Provided that, an order for suspension or revocation of accreditation shall be made in the manner specified 
in regulations made under sub-section (1) after providing reasonable right of hearing.” 

All applications and matters before the Certification Council should be decided as quickly as possible 
through a speaking order (order containing reasons). The Council may appoint such officers, employees and 
advisers as it considers necessary, and can also establish regional or local offices for due performance of its 
functions. 

Section 31 of the ETO specifies that it does not apply to five different types of documents, namely, a 
negotiable instrument, a power of attorney, a trust, a will, a contract of sale or conveyance of immoveable 
property. Accordingly, such documents are still required to be in paper form. 

A negotiable instrument includes a promissory note, a bill of exchange and a check. A promissory note is 
an unconditional promise or undertaking to pay a specified amount to a specified person. A bill of exchange 
is an order by a person (person A’) to another person (person C B’) to make certain payment to a third 
person (person ‘C’) on behalf of A\ A check is a type of bill of exchange where the bank is asked by a 
person (drawer of the check) to make specific payment to the person in whose favor the check is written. A 
power of attorney is the document through which some authority is given by a person to another to do 
certain acts or things on behalf of the person who executes the power of attorney. A document of trust or 
trust deed is prepared to create a trust. A trust can own property in its name. 

The property of the trust is used for the benefit of specified persons named in the trust deed called 
beneficiaries of the trust. The person who establishes the trust is called author of the trust. The persons 
who mange the affairs of the trust are called trustees. A will is a document through which someone can 
name the person(s) who would be entitled to own his property after his death. A document through which 
the ownership in a property is legally transferred to someone is called a conveyance deed (such as a sale 
deed). 

A contract of sale of immoveable property (land etc.) and/or a conveyance deed in this behalf are still 
required to be in paper form. Note that the Federal Government, however, has been given the power to 
make whole or any part of the ETO applicable to all or any of the above documents through a notification 
in the official gazette. 
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For reference, section 31 is given as under: 

I “31. Subject to sub-section 
1 Nothing in this Ordinance shall apply to: 

9 a negotiable instrument as defined in section 13 of the Negotiable Instruments Act, 
1881 (XXVI of 1881); 

0! a power-of-attorney under the Powers of Attorney Act, 1881 (VII of 1882); 

a trust as defined in the Trust Act 1882 (II of 1882), but excluding constructive, 
implied and resulting trusts; 

a will or any form of testamentary disposition under any law for the time being in 
force; and 

a contract for sale or conveyance of immovable property or any interest in such 
property. 

^ The Federal Government after consultation with the provinces may, by notification in 
the official Gazette and subject to such conditions and limitations as may be specified 
therein, declare that the whole or part of this Ordinance shall apply to the whole or part of 
one or more instruments specified in clauses (a) to (e) of sub-Section (1).” 

Section 32 of the ETO says that courts in Pakistan shall have jurisdiction or authority to decide any matter 
that relates to persons or information systems or events in Pakistan and covered by the terms of the 
Ordinance. Assume that someone from England accesses an information system in Pakistan and deletes or 
modifies the data of a person contained therein without any authority, then this act may be treated as an 
offence under the ETO and Pakistani courts would have jurisdiction to try such a matter. Note that ETO 
would have an overriding or dominating effect as opposed to a law which is inconsistent with its terms. 
Sections 32 and 33 are reproduced as under in this behalf: 

I “32. The provisions of this Ordinance shall apply notwithstanding the matters being the 
subject hereof occurring outside Pakistan, in so far as they are directly or indirectly connected 
to, or have an effect on or bearing in relation to persons, information systems or events within 
the territorial jurisdiction of Pakistan.” 

I “33. The provisions of this Ordinance shall apply notwithstanding anything to the contrary 
contained in any other law for the time being in force.” 

Sections 34 to 37 of the ETO deal with offences. Four different types of offences are mentioned in ETO. 
Where a subscriber obtains a certificate from the certification service provider providing false information, 
deliberately, he is guilty of an offence. Any directors or other officers of a certification service provider 
commit an offence in case they issue a certificate knowing that it is false or they do not cancel a certificate 
after they have come to know that the information it contains is wrong/false. 

A person who accesses or attempts to access an information system with or without the intention to acquire 
information contained therein is also guilty of an offence under the ETO in case he does so without any 
authority. 

A person would also be said to have committed an offence where he, without any authority, deletes, 
removes, or alters any information contained in any information system, or he hinders or attempts to hinder 
access to an information system without any authority to do so. Note that each of the above offences 
prescribes imprisonment or fine or both. The aforesaid provisions are reproduced below in case you want 
to look into details: (for exam you are not supposed to memorize these sections) 
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i 1 “34. any subscriber who: 

Provides information to a certification service provider knowing such information to be 
false or not believing it to be correct to the best of his knowledge and belief; 

i Fails to bring promptly to the knowledge of the certification service provider any change in 
circumstances as a consequence whereof any information contained in a certificate 
accepted by the subscriber or authorized by him for publication or reliance by any person, 
ceases to be accurate or becomes misleading, or 

3 Knowingly causes or allows a certificate or his electronic signatures to be used in any 
fraudulent or unlawful manner, shall be guilty of an offence under this Ordinance. 

I The offence under sub-section (1) shall be punishable with imprisonment either description of 
a term not exceeding seven years, or with fine which may extend to ten million rupees, or with 
both.” 

“35. Every director, secretary and other responsible officer, by whatever designation called, 
connected with the management of the affairs of a certification service provider, which: 

3 Issues, publishes or acknowledges a certificate containing false or 
misleading information; 

3 Fails to revoke or suspend a certificate after acquiring knowledge that any 
information contained therein has become false or misleading; 

^ Fails to revoke or suspend a certificate in circumstances where it ought 
reasonably to have been known that any information contained in the 
certificate is false or misleading; 

^ Issues a certificate as accredited certification service provider while its 
accreditation is suspended or revoked; shall be guilty of any offence under 
this Ordinance. 

^ The offence under sub-section (1) shall be punishable with imprisonment either description of a 
term not exceeding seven years, or with fine which may extend to ten million rupees, or with 
both. 

& The certification service provider or its employees specified in sub-section (1) shall also be 
liable, upon conviction, to pay compensation for any foreseeable damage suffered by any 
person or subscriber as a direct consequence of any of the events specified in clauses (a) to (d) 
of sub-section (1). 

^ The compensation mentioned in sub-section (3) shall be recoverable as arrears of land 
revenue.” 

“36. Any person who gains or attempts to gain access to any information system with or 
without intent to acquire the information contained therein or to gain knowledge of such 
information, whether or not he is aware of the nature or contents of such information, when 
he is not authorized to gain access, as aforesaid, shall be guilty of an offence under this 
Ordinance punishable with either description of a term not exceeding seven years, or fine 
which may extend to one million rupees, or with both.” 

I “37. Any person who does or attempts to do any act with intent to alter, modify, delete, 
remove, generate, transmit or store any information through or in any information system 
knowingly that he is not authorized to do any of the foregoing, shall be guilty of an offence 
under this Ordinance. 


© Copyright Virtual University of Pakistan 


174 




E-Commerce - IT430 


VU 


l Any person who does or attempts to do any act with intent to impair the operation of, or 
prevent or hinder access to, any information contained in any information system, knowingly 
that he is not authorized to do any of the foregoing, shall be guilty of an offence under this 
Ordinance. 

I The offences under sub-section (1) and (2) of this section will be punishable with either 
description of a term not exceeding seven years or fine which may extend to one million 
rupees, or with both.” 
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GLOBAL LEGAL ISSUES OF E-COMMERCE 


Lesson 44 


The jurisdiction to try offences under the ETO is vested with the session courts in Pakistan. It may not be 
out of place to mention here about the hierarchy of courts in Pakistan (see Fig. 1 below). Law is broadly 
divided into two classes on the basis of nature of wrong, namely, civil law and criminal law. Civil law deals 
with the private rights of the parties, whereas the object of criminal law is to punish the wrong-doer. Civil 
wrongs such as breach of contract are deemed to violate only the rights of individuals and not the society in 
general. On the other hand, a criminal wrong (crime) is an act deemed by law to be harmful to the society in 
general such as theft or murder etc. and the state itself is a party in such matters. 

At the bottom of hierarchy, the court having jurisdiction to try civil wrongs is the civil court and the one 
having jurisdiction to try crimes is the court of magistrate. Appeal against the decision of a civil court or 
magistrate, in many cases, can be filed in the District court (in civil matters) and in the Session court (in 
criminal matters), respectively. Further, an appeal can be filed in the High court, in most cases, against the 
decision of the district/session court. 


Likewise, the decision of the High court can be challenged in most cases before the Supreme Court of 
Pakistan, which is the apex court (the court at the top of the hierarchy). It may be noted that High Court in 
certain matters has an extraordinary jurisdiction to entertain cases under Article 199 of the Constitution of 
Pakistan, which is called the writ jurisdiction of the High Court. For instance, where a government body has 
breached any law, a writ can directly be filed in the High court against such a body. 



Fig-1 


Most of the countries have, by now, made laws providing recognition to electronic documents and 
electronic signatures. They have basically followed a model law on e-commerce proposed by a U.N. body 
called UNCITRAL (United Nations Commission on International Trade Law) in 1996. On analysis, it 
appears that ETO has certain deficiencies. For instance, difference between an electronic signature and an 
advanced electronic signature is not clear. Sections dealing with the offences of violation of informational 
privacy and damage to information/informational systems are too broadly worded, which may lead to 
confusion. International aspects of e-commerce such as recognition of the foreign certificates and electronic 
signatures etc. are missing. Difference in the role of accredited certification service providers and non- 
accredited ones has not been logically defined in the ETO. Above all, the rules (to be made by the Federal 
Government) and regulations (to be made by the Certification Council) under the ETO are not in place 
after so many years have elapsed since its enforcement. 
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Let us now examine some major global legal issues of e-commerce. They are listed as follows: 

& Territorial jurisdiction 

I Online contracts 

r Copyright in cyberspace 

I Domain name and trademark conflicts 

I Online defamation 

& Online privacy 

■ Issues of taxation on internet 

i Cyber crimes 

t Territorial Jurisdiction 

There are different forms of jurisdiction. Territorial jurisdiction refers to the competence of a court to 
decide a case on the basis of certain geographical area/territory. So, if a dispute arises in Karachi, the courts 
in Karachi would only have territorial jurisdiction, and the case cannot be filed in Islamabad or Lahore. 
Ordinarily, territorial jurisdiction lies where the defendant resides or carries on business or the cause of 
action has wholly or partly arisen or the immoveable property is situated (in case the matter relates to land 
etc.). 

Note that the person who files a lawsuit is called plaintiff and the person against whom it is filed is called 
defendant. Thus, if a contract is signed at Lahore under which Mr. Ali has to deliver certain goods to Mr. 
Imran at Karachi and Mr. Ali resides at Rawalpindi, then Mr. Imran can file a suit against Mr. Ali for his 
failure to deliver the goods. This suit can be filed at any of the three places, that is, Lahore, Karachi or 
Rawalpindi. 

Note that there is no question of any conflict of laws in this scenario since laws all over Pakistan are almost 
the same. However, things get complicated when we talk of a legal dispute in cyberspace because of the 
nature of the internet which transcends any geographical boundaries. Here, different countries, having 
different set of laws, may come into picture having certain linkage with the internet transaction. The issue of 
territorial jurisdiction becomes complicated when we try to find that the court of which country has the 
lawful jurisdiction to decide the internet dispute. 

For example, an Australian firm having web site in English doing ecommerce does not indicate to its 
customers that it is an Australian firm. The web server hosting its site may be located in Canada, and people 
maintaining this site may be the residents of England. Assume a Pakistani buys certain goods from this 
Australian firm and is, later, unhappy with the goods received. He might want to file a lawsuit against the 
Australian firm. The border/boundary based system of jurisdiction in the physical world does not help this 
Pakistani in determining where to file the case. He may consider filing the case in any of the countries which 
have linkage or connection with the transaction, namely, Australia, England, Canada or Pakistan. Another 
example is of a defamatory message sent from England defaming a Canadian. The web site may be hosted 
in Sweden, and the ISP providing services may be located in Brazil. Again, four different countries having 
different set of laws are emerging in this transaction, that is, England, Canada, Sweden and Brazil. 

In all such matters the plaintiff has an option to choose the country/forum for filing his case. Obviously, 
the plaintiff would choose the forum whose laws are more favorable to him as compared to the defendant. 
The relative ease with which the plaintiff in cyberspace can drag the defendant to the forum of the 
plaintiff s choice is called forum shopping. So, if the law of evidence in Singapore suits the plaintiff and he 
can also establish cause of action or linkage of the internet transaction with Singapore, then the case may be 
legitimately filed there. One of the key tests that the courts have prescribed to determine territorial 
jurisdiction in cyberspace is to examine the level of interactivity, commercial nature and effects of the 
exchange of information. 
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® Online contracts 


In the physical world three elements must be satisfied in order to make a valid contract, namely, offer, 
acceptance and consideration. The same three elements must also be present in case of a valid online 
contract. An offer is a commitment with certain terms made to another party such as willingness to buy or 
sell certain product. 

A contract is formed when a party accepts the offer of another party for consideration. Consideration is the 
agreed exchange of something valuable for both the parties such as money, property or services. For 
example, Mr. A’ offers to buy a basket of apples for Rs. 200, which is accepted by Mr. C B’ and thus a lawful 
contract comes into existence between them. Here, consideration for Mr. A’ is the basket of apples he is 
getting, and for Mr. C B’, Rs. 200 in exchange of his apples. In most cases when you click C I accept’ or C I 
agree’ button on a web page, it indicates your acceptance to the terms of a certain offer, and this can give 
rise to a lawfully binding contract (also known as a click wrap agreement). 

It is not necessary to have a written contract. The contract can be made orally or by conduct or through 
correspondence. So, offers and acceptances can occur in the cyberspace when parties exchange email 
messages, engage in EDI, fill out web forms or download a web page. An offer can be revoked as long as 
no payment, delivery of service or other consideration has been accepted. Note where a seller advertises 
goods for sale on a web site, it is not making an offer but is inviting offers from potential buyers. 


Normally, by looking at a web ad, the buyer can send an order, which in fact is an offer the seller can 
accept, to form a contract. If the seller cannot supply the ordered items it has an option to reject the offer 
or make a counter offer. Then the buyer has the option to accept or reject the counter offer 

(See Fig. 2 below to understand the concept). 



Fig. 2 


In online environment acceptances may be issued by an imposter/cheater that does not have authority to 
bind the online business. To overcome this problem companies and individuals can use digital signatures to 
establish identity in online transactions. 


It is particularly desirable that where a contract is of significant amount, parties should require each other 
to use digital signatures to establish identity and to confirm that person making an acceptance has the 
authority to bind the company. Where due to the failure of a company to protect the passwords stored with 
it, an imposter is able to enter company’s system and accept an offer; a court might find such negligent 
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company to be responsible for the breach of a contract. In such circumstances the company may be 
directed to fulfill the terms of the contract or pay compensation to the aggrieved party. 

I Copyright in cyberspace 

Copyright is a huge area of concern in cyberspace due to the nature of internet technology. A copyright is 
an exclusive right granted by law to the author or creator of a literary or artistic work to reproduce, print, 
publish or make copies of such work. Creations or works that can be copyrighted include books, music, 
artwork, audio and video recordings, computer software, architectural drawings, product packaging etc. 

Note that there is no copyright in ideas. Only, a particular form or expression of the idea can be 
copyrighted. If an idea cannot be separated from its expression, the work cannot be copyrighted. Thus, in 
most cases, mathematical calculations cannot be copyrighted. Most web pages are likely to be protected by 
copyright because words, graphics and html tags are arranged in such a manner that it may give rise to an 
original work. Naturally, it causes a problem. Each time an http request is made by a client, a copy of the 
html document can be made on the client machine. Similarly, where ISPs are engaged in caching, an extra 
copy of the web page is made/stored in cache memory on the system of the ISP. Some people had argued 
that copyright law could not be enforced on the internet in the above circumstances. 

There is a concept of ‘fair use’ or ‘fair dealing’ in copyright law that provides legitimate exceptions to 
copyright violation. Generally, fair use of a copyrighted work includes copying it for use in criticism, 
comment, news reporting, teaching, scholarship or research. Experts draw support from this concept of 
‘fair use’ to deal with the problem of copyright over the internet. It is also argued that in cases where the 
author of a work has himself provided a hyperlink leading to his work, he should be regarded as giving the 
implied authority or license to download or make copies of his work. In such an eventuality, the issue of 
copyright should not arise according to an opinion. 

Generally, the protection under ‘fair use 5 may be sought on the following basis: 

Nature of use:- the work has been used for educational and/or non-profit purposes only; 

Nature of work:- if the copied work contains factual information then it may be more effectively covered 
under the fair use clause as opposed to some creative work; 

Extent of the work copied:- if the amount of work copied is insignificantly small then the courts might take 
a view favorable to the accused; 

Effect on the market value of the work:- A person alleged with the copyright violation may escape any 
liability arguing that the work has not been circulated to many people and there has not been any negative 
impact on the value of actual work due to the circulation. 

When you make fair use of a copyrighted work you should provide citation to the original work to avoid 
any charge of plagiarism. The charge of plagiarism can be leveled against a person who tries to copy the 
expression of the original author presenting it be his expression in order to obtain credit for the academic 
work. Academic institutions can take serious action against students/persons who are found guilty of 
plagiarism. 

It may be interesting to refer to the famous ‘Napster case’, here. The company, Napster, had a web site. It 
used to provide software and a network to millions of people using which they could exchange music files 
on internet that they had copied and compressed into MP3 format. Many music recording companies sued 
Napster for facilitating violations of their copyright. Napster argued that it only provided the way or 
machinery but was not directly involved in copyright violation. Disagreeing with that the courts in America 
found that Napster was guilty of vicarious or contributory copyright infringement, as it was capable of 
supervising infringing activity and was obtaining a financial benefit for such an activity. Eventually, the 
court ordered that Napster site should be shut down. Napster agreed to pay 26 million dollars in damages 
for copyright infringement to a group of music companies and agreed to pay copyright holders for the 
music that would be downloaded in future. 
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World Intellectual Property Organization (WIPO) is a U.N. sponsored body. In 1996 it proposed two 
international treaties on copyright which were signed by many countries of the world. Those who signed 
these treaties agreed to adopt or amend laws in their respective countries to ensure protection to 
copyrighted work of the author of a signatory country in view of the new infrastructure or technological 
developments in respect of digital information exchange. 
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GLOBAL LEGAL ISSUES OF E-COMMERCE 


Lesson 45 


^ Patent infringement 

A patent is an exclusive right granted by law to make, use and sell an invention. In order to be 
patentable, the invention must be unique, genuine, and useful according to the prevalent technological 
standards. Patenting software programs is not considered a popular option these days. Firms, which 
had developed software programs for web sites, have experienced that obtaining a software patent is 
expensive and quite time consuming. Therefore, copyright registration of software programs is 
considered a more feasible option. It may, however, be interesting to talk about ‘business process 
patents’ which have value for e-commerce companies. These patents are granted on ‘methods of doing 
business’, and protect a specific set of procedures for doing a certain business activity. For instance, a 
famous online business has conceived a unique 1-click purchasing method. Another e-business has a 
peculiar price tendering system (‘name your own price’ system). Similarly, an online business uses a 
specific approach of aggregating information from different web sites. The aforesaid businesses have 
found their respective business process patents to be quite useful. However, in the opinion of some 
experts the grant of such business process patents can cause unfair monopoly of the recipients. The 
courts have yet to decide complicated issues involving business process patents. 

^ Trade mark and domain name conflicts 


A trade mark is that sign/symbol that associates the manufacturer or service provider with the 
manufactured goods or services, respectively. For instance, where the letter ‘u’ is written in a particular 
style (say in a circle) on the product packaging, it can be termed as a trade mark. A trade name is that 
name or brand under which a business carries on its business activity to become recognizable. Often, a 
trade name can be used as a part of the trade mark. A domain name is the user friendly name used to 
access a web site, such as ‘vu.edu’. Domain names are unique and global in nature which means that 
there cannot be two similar domain names. On the other hand, trade marks/trade names can be 
multiple and localized. Thus, same trade mark/trade name can be used in relation to the same 
product/service in different countries or geographical areas. Similarly, same trade mark/trade name can 
be used in relation to different products/services within the same geographical area. Based upon this 
distinction between trade marks/trade names and the domain names, the experts have identified four 
areas of conflict as follows: 

Cyber squatting 

The act of intentionally registering domain names containing trademarks/trade names of prominent 
companies to later blackmail or demand ransom from those companies is called cyber squatting. It is 
regarded as an offence in most countries. Assume there is a firm ‘Glory Enterprise’ and it wants to have 
its web site. It also wants to have the word ‘glory’ as a part of its domain name because for years it has 
been recognized in the physical world through this word. However, at the time of registration of its 
domain name it finds that a person Mr. ‘A’ who has nothing to do with the business of the firm or the 
word ‘glory’ has already registered a domain name containing this word as a part of it. Since there 
cannot be two similar domain names, the firm is forced to request Mr. ‘A’ to transfer that domain name 
to it. In response, if Mr. ‘A’ blackmails or claims ransom from the said firm, he would be said to have 
committed cyber squatting. 

Concurrent use 


This problem arises when two organizations have apparently legitimate claim to use the same domain 
name but cannot do so due to the uniqueness of domain names. Suppose, there is a company 
manufacturing electronic goods and another company selling French fries. Under the traditional trade 
mark law both these companies can have the same trade mark/trade name such as ‘frys’. The problem 
arises when both apply for the registration of a domain name containing the word ‘frys’. Here, both are 
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legitimate claimants of this domain name but due to the element of uniqueness of domain names only 
one of them can be assigned the desired domain name. 

Parasites 

Parasite domain names are variants on famous domain names, and are confusingly similar to them to 
gain business advantage. For instance, a software company may intentionally register a domain name as 
‘macrosoft.com’ (a variant of domain name of the famous company ‘Microsoft’) to take advantage of 
the reputation of ‘Microsoft’. The idea is that someone intending to reach the web site of ‘Microsoft’ 
may mistype or misspell and reach the web site of ‘Microsoft’, instead, xyz.com vs. xyz.org 

This problem arises due to the fact that second level domain names can be assigned to multiple top- 
level domains. For example, ‘whitehouse.org’ and ‘whitehouse.com’ are two valid domain names. The 
former may take you to the web site containing information about the residence of the American 
President, whereas the later may have been deliberately registered with the same second level domain 
but a different top-level domain to gain business advantage. Thus, it is quite possible that a person 
wishing to know about the residence of the American President reaches an irrelevant or pornographic 
web site after typing the word ‘Whitehouse’ on a search engine. 

International Corporation for Assigned Names and Numbers (ICAAN), which supervises the task of 
registration of domain names worldwide, has developed and implemented a policy known as Uniform 
Dispute Resolution Policy (UDRP) for deciding domain name disputes. It enables trademark holders to 
claim/retrieve domain names by invoking mandatory arbitration proceedings at different arbitration 
forums or service providers. Arbitration is a legal concept in which parties, through an agreement, 
appoint/nominate a person or a panel to act as a judge in the matter instead of referring the dispute to 
the ordinary court of law. The decision of the arbitrator is regarded as final and binding on the parties. 
World Intellectual Property Organization (WIPO) based in Switzerland is one such arbitration service 
provider nominated under the UDRP. 

Online Defamation 

A defamatory statement is a false statement that injures the reputation of on another person or 
company. If a statement injures the reputation of a product or service instead of a person, it is called 
product disparagement. Suppose, someone circulates a news item in the media about the reputation of a 
doctor, alleging him to be professionally incompetent and negligent. This doctor may then file a lawsuit 
against that person claiming that his reputation has been injured due to such an act. Often, in cases of 
defamation the plea taken by the defendant is that his statement is not false. Rather, it is a ‘fair 
comment’. In case defamation is done using the internet, it is termed as online defamation. In countries 
abroad, the courts are replete with cases of online defamation, mainly, because the person causing 
defamation can expect to remain anonymous due to the nature of internet technology. 

It is difficult to draw a clear line between justifiable criticism and defamation. So, commercial web sites 
should avoid making negative or critical statements about other persons or products. Similarly, web site 
designers should avoid any defamation liability when indulged in the alteration or modification of a 
picture or image of a person. They should not depict such person in derogatory or negative sense. 
Moreover, any online statement about the competitors must be carefully reviewed before posting it on 
the web, lest it contains any element of defamation. 

Closely connected with online defamation is the issue of liability of the internet service providers (ISPs). 
ISPs provide the channel for communication. An ISP may be accused of aiding in the commission of 
online defamation where it provides hosting service to a web site containing defamatory material. 
Courts have prescribed a test in determining ISP’s liability in such a case. Accordingly, where the ISP 
has editing control; it can review any defamatory material and take it down from the web site; it should 
be treated as a publisher. In such a case the ISP can be held liable for online defamation. Conversely, 
where the ISP has no editing control over the offensive material posted on a web site; it would be 
merely acting as a distributor. In such a case, the ISP can escape liability for online defamation. 
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& Online Privacy 

Issue of online privacy is constantly evolving as internet grows as a tool of communication and 
commerce. Due to the nature of internet technology, it is possible for web sites to collect information 
about page viewing habits of visitors, product selection and demographic information (age, sex etc.) 
about the customers. This may threaten informational privacy rights of such visitors/customers. 
Cultural difference in different countries is the reason why there are different levels of expectations 
about privacy in different parts of the world. Many countries have, today, privacy laws such as Canada, 
European Union (EU) etc. Personal Information Protection and Electronic Documents Act, 2000 
(PIPEDA) is the federal law in Canada in this regard. In 1998, the EU adopted a directive on the 
protection of personal data, which gave the form of law to different constitutional guarantees/rights 
about privacy existing in most European countries. This is applicable to all internet activities. The 
directive also prevents businesses from exporting personal data outside EU unless this data is protected 
in the exporting country according to the provisions of the directive. In the Unites States of America, 
the government has avoided to introduce any firm privacy regulations. Companies in the U.S.A. are 
entitled to make policies or devise mechanism to regulate privacy issues themselves. The companies 
have adopted two different approaches in this regard, that is, opt-out approach and opt-in approach. In 
more common opt-out approach, the company collecting information assumes that the customer does 
not object to a specific use of information unless the customer specifically denies the permission. Thus, 
the company may use the collected information for its own purpose, as well as, sell or rent it out to 
other firms or persons. 

In less common opt-in approach, the company collecting information assumes that it cannot use the 
information for any other purpose except the one for which it is collected. Accordingly, it cannot sell, 
market, or rent out this information to other firms/persons unless the customer specifically chooses to 
allow such a use. Experts have highlighted four guiding principles to form the basis of any privacy 
legislation. These are as follows: 

^ collected data may be used for improved customer service; 

^ sharing of personal data with outside firms/persons should not be allowed unless the customer 
consents to that; 

^ customers should have the right to receive information about what type of data has been 
collected from them and in what manner has it been used; 

customers should have the right to ask for the deletion of any of their data collected by the 
company. 

I Internet Taxation 

Companies doing business on the web are subject to same taxes as any other business. However, 
traditional businesses operating at one location are subject to only one set of tax laws, but due to the 
international scope of ecommerce, e-businesses might have to comply with multiple tax laws enforced 
in different countries. An online business is subject to various taxes which include income tax, 
transaction taxes and property tax. Income tax is levied by the national or state or local government 
(where the business is located) on the net income generated by business activities. Transaction taxes 
include sales tax and custom duties which are levied on the products or services a business sells. Sales 
tax is levied on goods sold to customers. Traditionally, businesses have to file sales tax return with a 
competent authority and remit sales tax which they have collected from their customers on the sale of 
products or services. Custom duties are taxes levied or imposed by countries on the import of goods 
into the country. Property taxes are imposed by a government (including a local government) on 
personal property and real estate used in the business. Among these, income tax and sales tax are more 
important. 

Note that a government acquires the power to tax a business when that business establishes a 
connection with the area controlled by such government. Thus, connection between a tax payer and a 
government is called nexus. It is necessary to understand ‘nexus’ in order to determine where a 
particular tax has to be paid by an online business. E-businesses doing business in more than one 
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country have to deal with the issue of nexus to know the governments/countries entided to 
levy/receive taxes from them. Generally, the principle is that if a company undertakes sufficient 
business activities in a particular country it establishes nexus with that country and becomes liable for 
filing returns in that country and it must comply with its tax laws. Therefore, an e-business may be 
required to separately file tax returns and pay taxes in different countries. A web site maintained by a 
company in the United States must pay income tax to the American government on income generated 
inside and/or outside of the U.S.A. However, to avoid the issue of double taxation, the U.S. tax law 
allows credit/refund for taxes paid (if any) to the foreign countries in relation to foreign earnings. It is 
important for an online seller to know where the customer is located and what the law of sales tax is in 
that country or jurisdiction to determine whether or not a particular item is subject to sales tax. 

I Cyber Crimes 

The use of internet technology has given rise to crimes which could not be conceived of a few years 
ago. Such crimes more suitably called cyber crimes include online fraud, online hate (spreading hatred 
against a community through internet), cyber-stalking (sending threatening messages using internet), 
online terrorism, distribution of pornography, using a computer for launching attacks on other 
computers etc. Today, many countries of the world are busy in either drafting new laws to deal with the 
issue of cyber crimes or making suitable amendments in existing criminal code. Again, the issue of 
territorial jurisdiction is critical in this behalf. For instance, where a Pakistani resident commits a cyber 
crime against a Canadian resident, the question arises whether or not the Canadian court can take an 
action against this Pakistani, particularly, where the act of Pakistani is not considered criminal under the 
Pakistani law. 
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